Managing  for  the  money 

Venture  capitalists  are  backing  new  net  monitoring  and 
troubleshooting  products  from  start-ups  taking  aim  at 
traditional  network  management  packages.  PAGE  26. 


Ben-Shaul 


Face-Off 

Are  application-aware  networks  needed? 

Cisco’s  Issy  Ben-Shaul  says  yes,  but  Raghu 
Ranganathan  of  Ciena  disagrees.  PAGE  34. 


Ranganathan 


Must-see  TV? . . .  Not! 

Net  pros  tell  columnist  Paul  McNamara 
what  they  think  of  Web-based  TV 
invading  corporate  desktops.  PAGE  54. 
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CLEAR  CHOICE  TEST: 


I  CLEAR  CHOICE  IQ  VoIP  TRAFFIC  COPS 

■j»  you’re  expanding  VoIP  beyond  a  single 
1 1  domain,  session  border  controllers  are 
key.  We  tested  four  of  them  find  NexTone  came 

"“""'"i’  PAGE  38 


Does  open  source 
encourage  rootkits? 


BY  ELLEN  MESSMER 

Rootkits  are  becoming  more 
prevalent  and  difficult  to  detect, 
and  security  vendor  McAfee  says 
the  blame  falls  squarely  on  the 
open  source  community. 

In  its  “Rootkits”  report  being 
published  today,  McAfee  says  the 
number  of  rootkits  it  has  col¬ 
lected  as  malware  samples  has 
jumped  ninefold  this  quarter 
compared  with  the  same  quarter 
a  year  ago.  Almost  all  the  rootkits 
McAfee  has  identified  are  in¬ 
tended  to  hide  other  code  (such 
as  spyware  or  bots)  or  conceal 
processes  running  in  Windows 
systems. 

“The  predominant  reason  for 
the  growth  in  use  of  stealthy  code 
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is  because  of  sites  like  Rootkit. 
com,”  says  Stuart  McClure,  senior 
vice  president  of  global  threats  at 
McAfee 

Rootkit. corn’s  41,533  members 
do  post  rootkit  source  code 
anonymously,  then  discuss  and 
share  the  open  source  code.  But 
it’s  naive  to  say  the  Web  site  exists 
for  malicious  purposes, contends 
Greg  Hoglund,  CEO  of  security 
firm  HBGary  and  operator  of 
Rootkit. 

“It’s  there  to  educate  people,” 
says  Hoglund,  who’s  also  the  co¬ 
author  with  James  Butler  of  the 
book  Rootkits:  Subverting  the  Win¬ 
dows  Kernel.  “The  site  is  devoted 
to  the  discussion  of  rootkits.  It’s  a 
See  Rootkits,  page  14 


Desktop  search  tools 
seen  raising  red  flags 


Consumer  tools  brought 
into  workplaces  expose 
companies  to  data  leaks. 

BY  ANN  BEDNARZ  AND  DENISE  DUBIE 

Instant  messaging  products  crept  onto  corporate 
PCs  and  introduced  a  host  of  security, regulatory  and 
management  issues.  In  the  same  way  free  desktop 
search  tools  —  designed  for  consumers  —  are  show¬ 
ing  up  on  corporate  networks  and  raising  concerns 
about  data  protection. 

Desktop  search  tools  use  local  processing  power  to 
locate  items  inside  e-mail  and  data  stores.  Three  of 
the  most  popular  are  available  for  free  from  Google, 
MSN  and  Yahoo.  Most  industry  watchers  agree  the 


products  aid  productivity:  From  a  single  interface, 
users  can  quickly  search  the  text  of  their  e-mail,  con¬ 
tacts,  application  documents,  data  files,  multimedia 
files  and  more. 

The  problem  is  the  information  these  programs  can 
find  and  potentially  expose, such  as  documents  on  a 
shared  file  drive  that  are  not  properly  secured  or 
were  supposed  to  have  been  deleted. 

In  fact  features  of  these  programs  fly  in  the  face  of 
conventional  IT  security  practices.  One  of  the  latest 
consumer  versions  of  Google  Desktop,  for  example, 
has  a  built-in  feature  that  lets  a  user  search  for  items 
across  multiple  computers.  To  do  that,  Google  stores 
indexing  information  remotely,  on  its  own  servers. 
The  software  lets  users  exclude  directories  from  the 

See  Search,  page  53 


When  devices 
just  can’t  break 

Makers  of  'ruggedized'  computers^ 
put  products  to  extreme  tests. 

BY  JOHN  COX 

Don’t  try  this  with  your  Palm  Treo. 

A  team  of  designers  from 
Symbol  Technologies  last  year 
made  a  routine  visit  to  a  customer 
site  to  see  firsthand  how  Symbol’s 
rugged-computer  bar  code  scan¬ 
ners,  mounted  on  forklifts,  were 
being  used  in  warehouses. 

What  they  found  set  a  new  stan¬ 
dard  for  rugged  design. 

During  breaks,  the  forklift  drivers  chalked 
a  bull’^eye  on  a  nearby  wall.Then.they 

See  Rugged,  page  16 


®  WiderNet 


Building  rugged  computers  is 
a  form  of  extreme  engineer¬ 
ing.  Itronix’s  rugged-design 
guru  William  Erler,  an  avid 
rock  climber,  pauses  during 
an  ascent  to  check  his  e-mail 
via  the  vendor's  Duo-Touch 
wireless  tablet  PC. 
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I  ive  people  to  support  and  ideas  to  enable.  Look  out  world,  because  my  network  is  coming  through. 

Dynamic  Networking  from  AT&T  gives  Maya  the  IP  solutions  she  needs  to  connect  suppliers,  customers 
and  employees  worldwide.  With  IP  VPNs,  Maya  has  a  cost-effective  networking  solution  that  allows  users 
to  collaborate  no  matter  where  they  are.  And  with  AT&T's  integrated  network  security,  Maya  knows  she 
can  expand  her  endpoints  without  any  increase  in  exposure. 
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Oracle  Fusion  Middleware 


Engineered  to 

Work  Together 

COMMON 

✓  Installation 
^  Management 
^  Provisioning 
^  Upgrading 
Testing 


Oracle  Fusion  Middleware 

Hot-Pluggable.  Comprehensive. 


J2EE 


Mi 


Enterprise  Portal 


Identity  Management 


Integration 


— 


mMm 


Data  Hub 

, 


Business  Intelligence 


J2EE — Enterprise  Portal  —  Identity  Management — Integration  —  Data  Hub  —  Business  Intelligence 


® 


oracle.com/middleware 
or  call  1.800.0RACLE.1 


Copyright  ©  2005,  Oracle.  All  rights  reserved.  Oracle,  JD  Edwards  and  PeopleSoft  are  registered  trademarks  of  Oracle  Corporation  and/or  its  affiliates.  Other  names  may  be  trademarks  of  their  respective  owners. 
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News 

8  Symantec  stitches  together  e-mail,  security  offerings. 

8  EMC  rolls  out  low-end  virtual  tape  storage. 

10  Red  Hat.  JBoss  kick  open  source  up  a  notch. 

10  Yipes  touts  Ethernet  service-level  agreements. 

12  Start-up  pitches  answers  for  VoWi-Fi. 

12  ConSentry  adds  switching  to  access-control  capabilities. 

12  MessageOne  adds  e-mail  management  options  to  hosted  services. 
14  Google  launches  calendar  service. 


Net  Infrastructure 

19  ForcelO  Networks  scales  IPS 
to  10G  Ethernet. 

19  Siemens  software  protects 
wireless  LANs. 

20  Kevin  Tolly:  Apple's  Boot 
Camp:  A  step  backward. 

20  Packeteer  bolsters  WAN 
acceleration  appliances. 

Enterprise  Computing 

22  Disaster  recovery  high  on  SAN 
user's  list. 

22  PolyServe  squeezes  SQL 
Servers. 

Application  Services 

23  IP  address  management  gets 
serious. 

23  Mimosa  looks  to  ease  Exchange 
upgrades. 

25  Scott  Bradner:  Will  there  ever 
be  a  corporate  Apple? 

26  SPECIAL  FOCUS:  Investors 
seek  network  management 
innovation. 


Service  Providers 

27  More  companies  turning  to 
telecom  expense  tools. 

30  Johna  Till  Johnson:  Let  com¬ 
petition  bring  broadband  to  boonies. 

Technology  Update 

31  802.11s  extends  wireless 
outdoors. 

31  Steve  Blass:  Ask  Dr.  Internet. 

32  Mark  Gibbs:  WildPresenter  is 
almost  there. 

32  Keith  Shaw:  Cool  tools,  gizmos 
and  other  neat  stuff. 

Opinions 

36  On  Technology:  Linux  on 
desktop  warming  up. 

37  Ira  Brodsky:  Wireless  and  the 
great  indoors. 

37  James  Kobielus:  DRM  will 

prevail,  like  it  or  not. 

54  BackSpin:  Why  high  tech  is  at 
fault. 

54  'Net  Butz:  When  'must-see  TV’ 
hits  your  network. 

Management 

Strategies 

46  On  the  job  with  an  IT 
architect:  Techie  discusses  the  role 
and  responsibilities  his  position  with 
staffing  firm  Spherion  entails. 


COOL  TOOLS 

The  Samsung  1709  is  one  of  the 
first  cell  phones  with  Wi-Fi  that  is 
geared  for  the  consumer  market. 
Page  32 


Clear  Choice  Test: 

Session  border 
controllers 
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If  you're  implementing  VoIP, 
i  a  sess'on  k°r^er  controller 

[(  .EAR  CHOICE  l(p]  can  serve  as  an  effective 

traffic  cop  for  VoIP  flows. 
We  tested  four  of  them,  and  NexTone 
Communications  came  out  on  top.  Page  38. 


Ben-Shaul 


Ranganathan 


Face-Off:  Do  users 
need  application 
aware  networks? 

Issy  Ben-Shaul  of  Cisco  votes  in  the  affirma¬ 
tive,  but  Raghu  Ranganathan  of  Ciena  respect¬ 
fully  disagrees,  Page  34. 
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Securing  the  database 

On  Network  Worlds  Hot  Seat  this 
week,  ted  Julian  of  Application 
Security  talks  about  the  new 
threats  to  database  security  and 
what  you  need  to  do  to  protect 
your  company's  information  and 
reputation. 

DocFinder:  3039 

Searching  for  a  new  phone  at 
CTIA 

In  Part  1  of  our  coverage  from 
CTIA,  Cool  Tools’  Editor  Keith 


Shaw  visits  the  Nokia  booth  in 
search  of  a  replacement  for  his 
3-year-old  phone.  Plus,  find  out 
how  to  correctly  pronounce  Nokia, 

DocFinder:  3040 

Forum:  Webaroo's  'Web  on  a 
hard  drive' 

Readers  say  it's  either  ridiculous, 
underwhelming  or  a  lawsuit  wait¬ 
ing  to  happen.  See  how  the  com¬ 
pany  responds  to  legal  questions 
and  leave  your  2  cents. 

DocFinder:  3041 


Online  help  and  advice 

Diagnosing  a  broadband  speed 
problem 

Help  Desk  guru  Ron  Nutter  helps 
a  reader  fix  his  router  problem. 

DocFinder:  3043 

New  software  service  options 

Is  software-as-a-service  a  good 
idea  for  small  and  midsize 
businesses?  Columnist  James 
Gaskin  explains. 

DocFinder:  3044 

Branch  management:  Central 
approach  is  most  popular 


Analyst  Robin  Gareiss  examines 
how  IT  execs  manage  their  branch 
offices. 

DocFinder:  3045 

U.S.  collegiate  programmers 
outclassed 

Alpha  Doggs,  our  new  blog 
reporting  on  the  future  of  net¬ 
working  as  seen  through  the 
results  from  university  and  other 
labs,  looks  at  the  United  States' 
poor  showing  at  the  International 
Collegiate  Programming  Contest. 
DocFinder:  3050 


Seminars  and  events 

WLANs  &  Enterprise  Mobility:  Are  you  everywhere  you  want  to  be? 

Whether  it’s  exploiting  the  full  power  of  3G  broadband,  anticipating  the 
emerging  standards  in  WiMAX  or  capitalizing  on  the  coming  of  VoWi-Fi 
via  cellular  —  if  you  want  to  make  the  most  of  today's  “broadband 
everywhere  world"  attend  our  new  Technology  Tour  event  coming  to 
Miami,  Washington,  Anaheim,  Calif.,  and  Austin,  Texas,  this  month.  It's 
called  Wireless  LANs  &  Enterprise  Mobility:  Know  No  Limits.  It's  free  if 
you  qualify  in  advance.  DocFinder:  3046 


BREAKING  NEWS 

Go  online  for  breaking  news  every  day.  DocFinder  1001 

Free  e~mai!  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder:  1002 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and  resources 
online.  Simply  enter  the  four-digit  DocFinder  number  in 
the  search  box  on  the  home  page,  and  you’ll  jump  directly 
to  the  requested  information. 
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CA  to  buy  Cybermation 

■  CA  last  week  announced  it  will  acquire  Cybermation,  a  maker  of  workload 
automation  software  that  CA  says  will  broaden  its  products  for  managing  main¬ 
frame  software.The  $75  million  deal, set  to  close  in  30  days,  will  augment  CAs  work¬ 
load  automation  product  portfolio,  which  consists  of  applications  such  as 
Unicenter  AutoSys  Job  Management  and  CA-7.  Cybermation,  whose  cus¬ 
tomers  include  Allstate  Insurance  and  Moen,  will  provide  CA  with  technol¬ 
ogy  to  help  customers  consolidate  multiple  scheduling  tools  across  plat¬ 
forms,  operating  systems,  applications  and  databases  to  provide  a  centralized 


TheGoodTheBadTheUgly 

Iceland  atop  broadband  world.  The  scan 

dinavian  island  nation  has  the  highest  penetration  of  broadband  sub¬ 
scribers,  at  26.7%,  according  to  the  latest  numbers  from  the 
Organization  for  Economic  Co-operation  and  Development.  The  United 
States  ranks  12th  in  penetration,  though  it  has  the  highest 
overall  number  of  broadband  subscribers,  at  49  million. 


<  Hackers  at  center  of  this  fish 

tale.  Washington  state  is  redoing  a  public  vote  on  the 
official  state  quarter  design  (two  of  the  three  proposed 
2 ...  „  designs  feature  salmon)  because  of  computer  programs 

that  stuffed  the  online  ballot  boxes.  A  revised  system  will  limit 
citizens  to  one  vote  at  www.governor.wa.gov/quarter/default.asp 


management  platform,  CA  says.  Despite  talk  of  mainframe  products  losing  steam, 
1DC  estimates  the  job  scheduling  software  market  will  grow  to  $1.8  billion  in  2007. 
Last  year  CA  augmented  its  mainframe  portfolio  by  acquiring  technology  it  had 
been  reselling  from  InfoSec. 


Your  laptop  or  your  life.  The  San  Francisco  Chronicle 
reports  that  hot  spots  for  laptop  users  are  becoming  hot  spots  for 
crime  as  well,  with  an  increase  in  cases  of  laptop  users  being  held  up 
at  gunpoint  or  otherwise  threatened.  Police  say  with  more  people 
bringing  their  laptops  to  public  places,  robberies  have  risen  sharply. 


Server  spec  in  the  works 

■  Officials  from  the  Environmental  Protection  Agency 
met  with  executives  from  Sun  and  other  companies 
last  week  to  create  a  standard  energy  efficiency  met¬ 
ric  for  servers,  furthering  the  focus  Sun  has  placed  on 
energy  efficiency  since  the  introduction  of  its  most 
recent  line  of  servers.  Advanced  Micro  Devices,  a  sup¬ 
plier  of  chips  for  some  Sun  servers,  and  the  Lawrence 
Berkeley  Lab  also  attended  the  meeting.  The  group 
hopes  to  define  a  common  measurement  that  server 
makers  can  use  to  indicate  the  energy  efficiency  of 
letting  customers  compare  and  choose  products 
based  on  the  common  measurement,  Sun  says.  The 
group  hopes  to  complete  and  introduce  the  metric  in 
mid-2006.  When  Sun  introduced  its  T2000  servers 
based  on  its  UltraSPARC  T1  processors  late  last  year, 
the  company  highlighted  the  low  energy  consump¬ 
tion  of  the  products. 

Support  ending  for  Windows  98,  ME 

■  Windows  98,  Windows  98  Second  Edition  and 
Windows  Millennium  Edition  are  nearing  the  end 
of  their  support  from  Microsoft.  The  software  ven¬ 
dor  will  stop  supporting  these  operating  system  edi¬ 
tions  on  July  11,  according  to  information  on  its 
Web  site.  All  public  and  technical  support  and  secu¬ 
rity  updates  for  the  products  will  be  suspended,  the 
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“The  Rootkit.com  site  is  there 
to  educate  people.  But  it  is  a 
forum  that  could  be  used 
maliciously.” 

Greg  Hoglund,  CEO  of  HBGary  which  also  runs 
the  Rootkit.com  Web  site 

See  story,  page  1 

company  said.  However,  online  self-help  support 
will  be  available  on  Microsoft’s  support  Web  site 
until  at  least  July  1 1,2007.  Microsoft  considers  these 
operating  systems  outdated  and  therefore  security 
risks  to  customers,  according  to  its  Web  site. 
Microsoft  recommends  customers  still  running 
these  operating  systems  upgrade  to  newer  versions 
of  Windows,  such  as  Windows  XT)  as  soon  as  possi¬ 
ble.  Microsoft  originally  planned  to  end  support  for 
Windows  98  and  ME  in  January  2004,  but  extended 
that  to  June  30, 2006,  before  announcing  in  January 
that  final  support  would  come  on  July  1 1  to  allow 
for  some  last  security  patches. 


“Let’s  get  ready  to  bumble.  .  .  ” 


Scott  Ostrenga  of  Coral  Springs,  Fla.,  wins  our 
latest  Weekly  Caption  Contest  Head  back 
each  week  for  a  new  picture  and  chance  to 
win.  www.networkworld.com/weblogs/layer8 


Mobile  domain  set  to  take  flight 

■  In  a  move  to  drive  uptake  of  mobile  Internet  ser¬ 
vices,  mTLD  Top  Level  Domain  will  begin  next  month 
to  issue  Internet  domain  names  geared  toward 
mobile  devices,  coupled  with  a  set  of  design  stan¬ 
dards.  The  .mobi  domain  name,  which  has  been 
approved  by  the  Internet  Corporation  for  Assigned 
Names  and  Numbers,  is  reserved  for  Web  sites 
designed  to  work  with  mobile  handsets.  The  aim  of 
the  new  venture,  established  by  Microsoft,  Nokia  and 
Vodafone,  is  to  make  mobile  Internet  services  easy  to 
use  and  affordable  to  develop,  said  Neil  Edwards, 
CEO  of  mTLD  in  Dublin,  last  week.  Companies  hold¬ 
ing  trademarks  can  apply  for  .mobi  domain  names 
during  a  limited  industry  sunrise  period  from  May  22 
to  May  29.  This  phase  will  be  open  to  more  than 
10,000  companies  and  associations  in  the  mobile 
phone  industry.  A  general  business  sunrise  registra¬ 
tion  will  follow  from  June  12  to  Aug.  21. 

Screen  savers  seen  as  lifesavers 

■  A  research  institute  is  harnessing  the  power  of 
thousands  of  computers  over  the  Internet  to  investi¬ 
gate  potential  drug  treatments  for  deadly  avian 
influenza.  The  Rothberg  Institute  for  Childhood 
Diseases,  in  Guilford,  Conn.,  said  last  week  it  had 
detailed  the  first  mission  for  volunteers  participating 
in  the  distributed  computing  project.  Volunteers 
download  a  screen  saver  program  that  simulates  the 
binding  of  drug  molecules  with  proteins  —  referred 
to  as  targets  —  in  avian  flu,  the  institute  said.  The 
screen  saver,  which  is  visible  in  a  computer’s  program 
tray,  kicks  in  when  the  computer  is  idle. The  institute 
likens  the  process  to  hunting  through  a  batch  of  keys 
—  meaning  the  drugs  —  to  find  the  right  one  that  fits 
a  protein  in  the  virus.The  results  are  sent  back  to  the 
Rothberg  Institute  when  the  computer  is  connected 
to  the  Internet.The  institute  said  80,000  volunteers  in 
93  countries  are  participating  in  the  project. 


Spam,  Spyware,  IM,  and  Virus  protection  at  an  affordable  price. 
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www.barracudanetworks.com/nww  or  (888-ANTI-SPAM) 


8  •  www.networkworld.com  •  4.17.06 


Symantec  broadens  e-mail  security 


BY  CARA  GARRETSON 

Symantec  this  week  plans  to 
announce  an  integrated  e-mail 
gateway  product  that  represents 
the  beginning  of  the  company’s 
multiyear  strategy  for  competing 
in  the  enterprise  messaging  secu¬ 
rity  market. 

Symantec  Mail  Security  for 
SMTP  5.0  is  an  upgrade  to  a  prod¬ 
uct  the  company  has  sold  since 
shortly  after  it  bought  anti-spam 
software  maker  Brightmail  two 
years  ago. Version  5.0  goes  beyond 
the  previous  release  by  including 
content  filtering  along  with  gate 
way  anti-spam  and  anti-virus  fea¬ 
tures,  and  by  integrating  the  once 
separate  products  to  the  point 
that  the  Brightmail  name  is  no 
longer  used. 


The  key  advantage  of  integrating 
these  gateway  software  products 
is  easier  administration  for  enter¬ 
prises,  from  tracking  the  path  an 
email  takes  on  entering  the  net¬ 
work  to  establishing  one  set  of 
policies  for  virus,  spam  and  con¬ 
tent  filtering  functions,  says  Rick 
Caccia,  senior  director  of  product 
management  with  Symantec’s 
enterprise  messaging  manage¬ 
ment  group.  Symantec  is  in  a  posi¬ 
tion  to  provide  a  soup-to-nuts 
approach  to  messaging  security 
because  it  has  developed  or 
acquired  nearly  all  of  the  technol¬ 
ogy  that  enterprises  need  today  to 
protect  their  e-mail,  he  says. 

“Until  recently  it  was  hard  to  buy 
a  complete  way  to  manage”  e- 
mail  security  Caccia  says.“But  the 


EMC  to  debut  low-end 
virtual  tape  library 

BY  DENI  CONNOR 

EMC  is  scheduled  this  week  to  roll  out  a  new  low-capacity  virtual 
tape  library  appliance  that  uses  inexpensive  Serial  Advanced 
Technology  Attachment  drives  to  make  it  affordable  for  small  and 
midsize  businesses. 

The  DL210  Clariion  Disk  Library  (CDL),  which  starts  at  $50,000,  has  a 
capacity  ranging  from  4T  to  24TB  of  disk  space. The  CDL  software  also 
has  a  new  management  interface  and  wizards  that  make  the  library 
easier  to  install,  configure  and  maintain. 

The  previous  Clariion  DL310,  DL710,  DL720  and  DL740  disk  libraries 
started  at  $110,000. 

One  of  the  most  interesting  fea¬ 
tures  is  that  all  of  EMC’s  CDLs  now 
support  IBM’s  mid-range  iSeries 
(more  popularly  known  as  the 
AS/400)  servers,  says  Diane 
McAdam,  senior  analyst  for  the 
Clipper  Group.  “Even  though  most 
VTL  vendors  support  different  dri¬ 
ves  and  libraries,  EMC’s  support  of  the  iSeries  servers  is  a  market  many 
vendors  ignore,”  McAdam  says.“There  are  still  a  large  number  of  shops 
running  iSeries  processors.” 

The  iSeries  market  has  continued  to  grow  since  the  early  70s. 
According  to  IBM,  about  20,000  new  iSeries  customers  are  added  each 
year,  80%  of  which  are  SMBs. 

Other  VTL  vendors, such  as  Diligent, Sepaton  and  Data  Domain, do  not 
support  iSeries  servers. 

The  new  DL210  also  supports  ADIC’s  Scalar  24  and  i500,  Quantum  M 
Series  and  Overland  Neo  Series  tape  libraries. 

EMC  also  has  enhanced  its  CDLs  by  integrating  them  more  tightly 
with  its  Legato  NetWorker  backup  application.  This  integration  will 
make  it  easier  to  manage  tape  cartridges  as  they  are  migrated  from  the 
VTL  to  the  physical  library. 

The  CDL  software  also  adds  tape  shredding  capability  for  secure  data 
erasure  and  a  command-line  interface  for  storage  administrators  who 
want  to  deploy  scripts  to  manage  the  CDL. The  DL210  is  available  now, 
and  these  features  are  expected  to  be  available  by  June.B 


On  its  own 

EMC's  Clariion  Disk  Library 
is  the  only  one  that  works 
with  IBM's  iSeries  servers. 


market  is  changing  and  cus¬ 
tomers  are  asking  for  more  from 
one  vendor” 

Symantec  plans  to  integrate 
more  of  the  products  in  its  enter¬ 
prise  messaging  management 
group  so  that  there  are  fewer  offer¬ 
ings  with  more  features,  Caccia 
says.  The  company  will  continue 
to  sell  its  e-mail  security  appliance 
and  hosted  service  as  separate 
offerings,  he  says,  although  fea¬ 
tures  from  Symantec  Mail  Security 
for  SMTP  5.0  will  end  up  in  those 
products  as  well. 

“The  advantage  of  having  an  in¬ 
tegrated  anti-spam,  anti-virus  and 
content  filtering  product  is  that  it 
provides  a  single  solution  to  com¬ 
bat  the  majority  of  e-mail  security 
issues,”  says  Nathan  Pilgrim,  man¬ 
ager  of  IT  infrastructure  and  com¬ 
munications  with  Brisbane  Girls 
Grammer  School  in  Australia, 
which  has  about  1,300  e-mail 
users. “From  a  management  point 
of  view  it  is  a  lot  easier  to  manage 
a  single  product  from  one  vendor 
than  multiple  products  from  dif¬ 
ferent  vendors.” 

Symantec  is  not  alone  in  offering 
anti-virus,  anti-spam  and  content 
filtering  in  one  enterprise  pack¬ 
age.  Hosted  service  providers 
Fostini  and  MessageLabs,  gateway 
software  and  hardware  makers 
Proofpoint  and  Mirapoint,  and 
appliance  vendors  IronPort  and 
CipherTrust  are  competitors  offer¬ 
ing  these  features  and  more. 
However,  Symantec  is  one  of  the 
few  companies  that  owns  all  the 
parts  in  its  enterprise  offering  — 
most  of  its  competitors  license 
anti-spam  or  anti-virus  filters  or 
both,  and  often  from  Symantec. 

With  this  release  of  its  e-mail 
security  package, Symantec  also  is 
adding  features  such  as  message 
tracking  and  LiveUpdate. 

“Symantec  wants  to  be  the  enter¬ 
prise  messaging  vendor  of  choice,” 
says  Eric  Ogren,  an  Enterprise 
Strategy  Group  analyst.“Messaging 
tracking  and  LiveUpdate  are  the 
kinds  of  things  Symantec  does  bet¬ 
ter  than  anyone  else.” 

Not  everyone  agrees  with 
Symantec’s  view  that  the  market 
for  messaging  security  is  being 
whittled  down  to  those  compa¬ 
nies  that  can  provide  one-stop 
shopping.  Just  a  few  years  ago  the 
market  consisted  of  dozens  of 
vendors  making  anti-spam  filters, 
but  it  has  evolved  into  companies 


The  biggest  hole 

Symantec  is  looking  to  grow  its  presence  in  the  enterprise 
messaging  security  market  as  many  organizations  list 
e-mail  as  their  point  of  greatest  vulnerability.  In  a  survey 
conducted  last  year  by  Enterprise  Strategy  Group,  251 
respondents  said  their  organizations  are  most  vulnerable 
to  attack  through  the  following  types  of  traffic: 

Other  3% 

Don't  know  5% 

VPN  traffic  5%  — 

Application/Web  services 
traffic  8% 

General  internal  traffic 

12% - 


Web  traffic  22% 


with  more  complete  offerings  in¬ 
cluding  compliance,  archiving,  en¬ 
cryption,  instant-messaging  pro¬ 
tection  and  more. 

“Symantec  is  taking  all  their  in¬ 
dividual  components  and  stitch¬ 
ing  them  together,  while  we  take 
the  best  of  breed  and  stitch  them 
together,”  says  Tom  Gillis,  senior 
vice  president  of  worldwide  mar¬ 
keting  with  IronPort,  which 
licenses  Symantec’s  Brightmail 
anti-spam  filters  and  its  anti-virus 
software  to  resell  with  its  gate¬ 
way  appliances. 

“Symantec’s  products  appeal  to 
someone  looking  for  a  single  ven¬ 
dor,  but  we’ve  been  successful  in 
more  sophisticated  accounts 
where  the  customer  understands 
[the  need  for]  multiple  layers  and 
multiple  vendor  strategies.” 

Symantec  Mail  Security  for 
SMTP  5.0  is  slated  for  release  in 
May  Pricing  ranges  depending  on 
the  number  of  users;  for  example, 
organizations  with  500  to  1,999 
users  would  pay  $18.70  per  user, 


per  year. 

New  features  include  zero-day 
virus  protection,  which  quaran¬ 
tines  e-mails  suspected  to  be 
viruses  based  on  the  messages’ 
characteristics  until  a  signature  is 
produced,  says  Matt  Hartwell- 
Herrero, senior  product  manager. 

New  content-filtering  features 
include  regular  expression  and 
keyword  scanning  of  more  than 
200  attachment  types,  and  can 
determine  an  attachment’s  true 
file  type  by  inspecting  it  physi¬ 
cally  instead  of  relying  on  the 
name  of  the  extension,  he  says. 

Administrative  features  include 
graphical  message  auditing  to 
search  for  e-mails  by  a  variety  of 
characteristics,  such  as  sender  or 
recipient,  and  show  the  path  that 
a  message  has  taken  through  the 
organization.  Also  with  this 
release,  Symantec  has  integrated 
its  LiveUpdate  anti-virus  technol¬ 
ogy,  which  automatically  updates 
policies,  to  work  with  its  anti¬ 
spam  features.  ■ 


nww.com 

What's  next  for  security? 

Application  &  Content  Security  is  now  the  No.  1  corporate  network  priority,  and  expec¬ 
tations  are  running  as  high  as  management's  anxiety.  Protect  yourself  and  your  enter¬ 
prise  by  attending  Network  Worlds  new  Technology  Tour  event,  Application  &  Content 
Security:  Building  the  Defensible  Network.  You'll  discover  the  new  architecture  of  secu¬ 
rity  and  the  agile  enterprise.  Coming  to  Philadelphia  on  May  16,  Atlanta  on  May  18, 
Denver  on  May  23  and  Minneapolis  on  May  25.  www.nwdocfiBder.C8m/3423 


See  Why  More  &  More  Businesses  are  Switching  to  D-Link 

"We  needed  to  make  wireless  Internet  access  available  to  media  from 
around  the  world  at  each  of  our  venues.  D-Link' s  switches  and  access 
points  met  our  needs  reliably  and  within  budget " 


Proven  Enterprise-Level  Networking  is  Now  Within  Your  Reach 

Scalability.  Flexibility.  Affordability.  Think  your  business  has  nothing  in  common  with  the  World  Baseball 
Classic™?  Think  again. 


-  Julio  Carbonell, 
World  Baseball  Classic  Executive  for  IT 
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CLASSIC 


XS  TACK 

Switching 
IP  Telephony 
Network  Storage 


Seven  venues  in  14  days  with  a  traveling  press  corps  that  needed  to  meet  deadlines  in  every  time  zone 
around  the  world.  That  was  the  World  Baseball  Classic.  Major  League  Baseball  and  the  Major  League  Baseball 
Players  Association,  planners  of  the  World  Baseball  Classic,  chose  D-Link  xStack™  switches  and  4/rPremier™ 
wireless  access  points  to  make  it  possible  for  the  press  to  make  their  connections.  The  World  Baseball  Classic 
relied  on  D-Link@Work  Solutions  for  value  and  dependability.  You  can  too. 

Connections  Made.  Money  Saved.  Period. 


Get  more  for  your  IT  dollar  with 
D-Link@Work  Solutions: 
Feature-rich,  flexible  network 
infrastructure,  storage,  security 
and  VoIP  products  that  meet 
your  budget.  Not  enough? 

Place  your  trust  in  D-Link  and 
receive  a  free2  year  of  on-site 
support,  backed  by  NCR. 


Learn  more  at  www.dlink.com/at-work 

or  can  1 -888-XSTACK1 


Trust  the  Global  Leader  in  SMB  Connectivity 

END  TO  END  SOLUTIONS 

From  the  core,  to  the  edge,  to  wireless  switching:  D-Link  provides  B-tUIKfa 
complete  end-to-end  networking  solutions  for  your  business 


MARKET  LEADERSHIP 

Shipping  more  than  100,000  connections  a  day  worldwide, 
D-Link  is  the  market  share  leader  in  SMB  connectivity1 
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PRODUCT  EXCELLENCE 

Put  your  trust  in  a  true  designer  and  manufacturer  that's  been 
delivering  excellence  in  engineering  for  two  decades 


D-UNKfff  WORK 

End-to-End 

Networking  Solutions  for 
Your  Growing  Business 
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Red  Hat,  JBoss  kick 
open  source  up  a  notch 

BY  JENNIFER  MEARS 

Red  Hats  plan  to  acquire  lead¬ 
ing  Java  application  server  ven¬ 
dor  JBoss  probably  will  result  in 
more  corporate  interest  in  open 
source  software,  because  the  two 
companies  could  provide  cus¬ 
tomers  with  the  first  one-stop 
shop  for  a  community-developed 
application  platform. 

The  challenge  will  be  in  how 
well  Red  Hat  integrates  JBoss’ 

Java-based  middleware  suite  into 
its  products  and  how  well  it 
maintains  existing  relationships 
with  third-party  vendors  such  as 
IBM,  which  are  focused  on  com¬ 
peting  Java  application  servers, 
analysts  say. 

For  the  most  part,  however,  in¬ 
dustry  observers  agree  that  the 
move  is  a  smart  one  and  should 
be  good  news  for  customers  look¬ 
ing  for  a  reliable  provider  of  open 
source  software. 

"This  is  excellent  news  for  me  as 
a  Red  Hat  customer”  says  Jim 
Klein,  director  of  information  ser¬ 
vices  and  technology  at  the  Sau¬ 
gus  Union  School  district  in  Cali- 
fornia.“Having  a  certified, Red  Hat- 
supported  JBoss  will  not  only  fur¬ 
ther  legitimize  JBoss  —  and  per¬ 
haps  Red  Hat  —  as  a  viable  enter¬ 
prise-class  alternative,  but  likely 
will  continue  to  improve  percep¬ 
tions  of  open  source  as  a  whole  in 
the  minds  of  corporate  IT.” 

It’s  that  kind  of  thinking  that 
JBoss  executives  hoped  for  as  they 
made  the  decision  to  sell  the  com¬ 
pany  to  Red  Hat.  The  two  compa¬ 
nies  announced  last  week  that 
they  have  entered  into  an  agree¬ 
ment  in  which  Red  Hat  will 
acquire  JBoss  for  $350  million, 
plus  $70  million  should  JBoss 
meet  certain  performance  met¬ 
rics.  The  acquisition  should  be 
completed  by  the  end  of  May 

Analysts  say  the  acquisition  is 
Red  Hat’s  most  aggressive  step  yet 
in  its  effort  to  move  up  the  stack 
beyond  its  Linux  operating  system 
roots,  but  they  point  out  that  sev¬ 
eral  hurdles  remain. 

One  of  those  is  to  integrate  the 
JBoss  software  successfully  into 
the  Red  Hat  Linux  distribution, 
while  maintaining  the  vibrant 
JBoss  development  community 
that  has  pushed  the  open  source 
application  server  to  the  top  of 


Yipes  hikes 
Ethernet  SLAs 

BY  JIM  DUFFY 

Yipes  Enterprise  Services  this  week  is  expected  to  boost  its  Ethernet 
service-level  agreements  in  an  effort  to  provide  stronger  guarantees  for 
delay-sensitive  applications. 

The  new  Yipes  network  services  SLA,  available  on  all  new  service 
orders,  includes  benchmarks  for  metrics  such  as  jitter  and  packet  deliv¬ 
ery  in  addition  to  guaranteed  route-specific  latency  Previously  Ypes  did 
not  provide  SLA  guarantees  on  jitter  and  packet  delivery 

Yipes  says  the  move  comes  in  response  to  growing  market  demand 
for  stronger  network  performance  assurances  for  enterprise  applica¬ 
tions  such  as  VoIP  and  video  conferencing.  The  enhancements  are 
facilitated  by  a  new,  proprietary  Yipes  network-performance  mea¬ 
surement  system,  called  HawkEye,  that  provides  customers  with 
access  to  real-time  traffic  monitoring,  management  and  analysis 
information  on  their  service. 

Ypes  is  offering  customers  a  jitter  SLA  of  250  microsec  —  or  .25  mil- 
lisec  —  as  measured  across  Yipes’  global  Ethernet  network.  This  com¬ 
pares  to  the  most  common  industry  SLAs,  which  guarantee  a  jitter  met¬ 
ric  of  1  millisec  (1,000  microsec)  or  higher. 

Verizon,  for  example,  offers  a  jitter  SLA  of  2  millisec  99%  of  the  time  for 
real-time  class  of  service  (CoS)  on  its  Ethernet  Virtual  Private  Line  offer¬ 
ing  (www.nwdocfinder.com/3033).  And  AT&T  recently  lowered  its  jitter 
rate  to  less  than  15  millisec  from  20  millisec  for  the  Silver  CoS  on  its  Opt- 
E-Man  optical  Ethernet  service  (www.nwdocfinder.com/3034). 

Jitter  is  an  important  metric  to  measure  and  monitor  because  it 
refers  to  the  recurring  changes  in  the  timing  of  a  data  stream. These 
changes  can  degrade  voice  connections,  make  video  appear  jerky 
and  affect  in  a  negative  way  other  network  applications.  Controlling 
jitter  has  become  increasingly  important  as  more  enterprises  move  to 
time-sensitive  applications  such  as  multiple-feed  videoconferencing 
and  VoIP  telephony 

Packet  delivery  which  measures  the  percentage  of  data  packets  suc¬ 
cessfully  delivered,  is  the  leading  barometer  of  network  consistency 
and  reliability  Ypes  says.  Under  its  new  SLA, Ypes  offers  a  guarantee  of 
99.9%  delivery  This  matches  AT&T’s  Silver  Opt-E-Man  SLA  and  Verizon’s 
Ethernet  Virtual  Private  Line/Real-Time  delivery  SLA. 

Route-specific  latency  is  a  measurement  of  delays  in  packet  trans¬ 
mission  across  a  network.  Yipes  now  offers  guarantees  between  the 
metro  areas  it  serves.  For  example,  Yipes’  latency  SLA  on  a  New  York 
to  Chicago  route  is  27  millisec,  and  the  SLA  on  a  New  York  to 
Philadelphia  route  is  7  millisec.  Should  Yipes  fail  to  meet  these  SLAs, 
the  carrier  will  rebate  10%  of  the  total  monthly  recurring  cost  for 
latency  and  packet-delivery,  and  one-thirtieth  of  the  MRC  for  jitter. 

One  industry  expert  views  the  new  Yipes  SLAs  positively  —  with  a 
caveat."  SLAs  are  a  little  mushy  in  the  way  they’re  described  —  once 
you  get  averages  involved  there’s  a  lot  of  play  in  the  minute-to- 
minute  service  that  you  do  get ’’says  Michael  Howard,  principal  ana¬ 
lyst  at  Infonetics  Research.  “But  these  guys  have  really  tightened 
down  the  screws.” 

Yipes  says  there  is  no  increase  in  service  prices  associated  with 
the  new  SLAs.  ■ 
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Stack  in  the  middle 


With  Linux  servers  in  data  centers,  Red  Hat  is  shifting  its 

focus  further  up  the  food  chain.  A  look  at  its  moves  into 

middleware: 

•  April  10, 2006:  Announces  plan  to  acquire  JBoss  for  $350  million. 

•  December  2005:  Says  it  will  roll  out  precertified  open  source  software  stacks, 
including  Web  and  application  server  middleware  components. 

•  June  2005:  Introduces  Red  Hat  Directory  Server,  built  on  technology  acquired 
from  Netscape. 

•  September  2004:  Announces  agreement  with  AOL  to  acquire  some  assets  of 
Netscape  Security  Solutions,  including  the  Netscape  Directory  Server  and  the 
Netscape  Certificate  Management  System, 

•  August  2004:  Introduces  the  Red  Hat  Application  Server,  based  on  the  Java 
Open  Application  Server,  developed  by  ObjectWeb. 

•  December  2003:  Outlines  its  Open  Source  Architecture,  which  includes  open, 
source  middleware  developed  by  Red  Hat  partners. 


the  middleware  market. 

“JBoss  has  to  maintain  the  com¬ 
munity  If  Red  Hat  doesn’t  allow  it 
to  maintain  the  community  then 
the  deal  is  a  failure,”  says  George 
Weiss,  vice  president  and  distin¬ 
guished  analyst  at  Gartner. 

Red  Hat  says  JBoss  will  operate 
as  a  semi-independent  entity  That 
should  be  good  news  for  those 
running  its  middleware  on  non- 
Red  Hat  operating  systems,  espe¬ 
cially  Windows.JBoss, which  inked 
a  deal  with  Microsoft  last  year  to 
improve  interoperability,  says 
about  half  its  users  run  its  prod¬ 
ucts  on  Windows. 

“There  is  the  potential  problem 
of  Windows  users  who  will  now 
see  the  Red  Hat  acquisition  as  a 
Linux  play  that  may  jeopardize 
the  future  momentum  of  JBoss  on 
Windows  or  JBoss’  relationship 
with  Windows,”Weiss  says. 

Questions  also  could  arise 
regarding  Red  Hat’s  relationship 
with  IBM,  which  is  focused  on  the 
competing  Apache  Geronimo 
application  server  and  recently 
announced  a  partnership  with 
Novell  to  bundle  SuSE  Linux  with 
its  WebSphere  Application  Server 
Community  Edition  —  a  free  ver¬ 
sion  of  its  Java  2  Platform 
Enterprise  Edition  application 
server  built  on  Geronimo. 

“The  issue  of  what  IBM  will  do 
with  Red  Hat  vs.  what  they 
might  do  with  Novell  might  start 
skewing  a  little  more  toward 
Novell,  so  that’s  something  you 


have  to  look  at,”  Weiss  says. 

Nevertheless,  industry  observers 
say  the  Red  Hat-JBoss  pairing 
makes  sense,  and  call  it  a  reflec¬ 
tion  of  the  rapidly  maturing  open 
source  market.  A  key  point  is  that 
while  commercial  vendors  have 
been  snapping  up  open  source 
firms,  this  represents  the  largest 
pure  open  source  deal  to  date. 

“Of  the  firms  that  JBoss  could 
have  sold  to,  we  definitely  con¬ 
sider  Red  Hat  to  be  a  very  rea¬ 
sonable  alternative,”  says  Barry 
Strasnick,  CIO  at  CitiStreet,  a  ben¬ 
efits  management  company  in 
Quincy  Mass. “We  already  run  all 
of  our  JBoss  instances  on  Red 
Hat,  thus  we  consider  this  to  be  a 
win-win.” 

Saugus  Union’s  Klein  expects 
the  acquisition  to  give  both  Red 
Hat  and  JBoss  a  boost  in  the 
enterprise  software  market. 

“Red  Hat  has  been  a  little  weak 
in  the  application  server  and  mid¬ 
dleware  space,  as  their  existing 
offering  —  Red  Hat  Application 
Server  —  lacks  much  of  the  re¬ 
finement  of  more  mature  solu¬ 
tions,  such  as  JBoss”  he  says. 

Saugus  Union  uses  the  Apache 
Tomcat  Web  server,  but  is  looking 
for  an  application  server  to 
anchor  its  move  into  service- 
oriented  architecture.  “We  have 
looked  at  BEAs  AquaLogic  and  a 
few  other  tools,  but,  now  that  we 
can  get  support,  and  perhaps 
training,  from  Red  Hat,  JBoss  is 
looking  like  a  winner)’ he  says.B 


with  the  amount  of  energy  wasted  by 
non-AMD  powered  servers. 


How  long  have  you  been  putting  up  with  servers  that  waste  power;  waste  money  and  thanks  to  slow  performance  waste 
everyone’s  time?  Now  you  car  make  your  data  center  the  coolest  room  in  the  building  without  replacing  your  existing 
power  and  cooling  envelope.  AMD  Opteron™  processor-based  servers,  on  the  other  hand,  are  designed  to  run  efficiently 
run  cool,  and  thanks  to  dual-core  technology  deliver  increased  performance. To  learn  more  about  maximum  performance, 
cost  savings,  and  the  power  of  cool  visit  www.amd.com/lessenergy 


AMD  w 


©  2006  Advanced  Micro  Devices,  inc  All:  rights,  reserved.  AMD.  the  AMD  Arrow  logo.  AMD  Opteron,  and  combinations  thereof,  are  trademarks  of  Advanced  Micro  Devices,  Inc. 


12  •  www.networkworld.com  •  4.17.06 


Start-up  touts  answers  for  VoWi-Fi 

Multifunction  appliance  and  dual-mode  handset  software  ties  together  WLAN  and  cellular. 


Profile:  Divitas  Networks  Divitas 

Location:  Mountain  View,  Calif. 

Founded:  April  2005 

Product:  Mobility  Communication  Platform,  an  appliance  that  combines  VoIP, 
security,  wireless  LAN  switching  and  cellular  connectivity  for  voice- 
over-WLAN-to-cellular  roaming. 

Key  personnel:  Vivek  Khuller,  president  and  CEO  (formerly  with  Clearstone  Venture 
Partners,  Sycamore  Networks  and  Verizon);  Venkat  Kalkunte,  CTO 
(formerly  with  Cisco,  Transmedia  and  Trillium). 

Funding:  $8  million  from  Clearstone  Venture  Partners  and  private  investors. 


BY  PHIL  HOCHMUTH 

Start-up  Divitas  Networks  is 
expected  to  debut  this  week  with 
technology  for  tying  together  cor¬ 
porate  wireless  LANs,  cellular  net¬ 
works  and  Wi-Fi  hot  spots  as  one 
mobile  voice  and  data  network. 

The  company,  founded  by 
technologists  formerly  with 
Cisco,  Nokia,  Sycamore  and 
Verizon,  makes  an  appliance 
that  does  many  things:  VoIP  call 
control;  WLAN  roaming,  handoff 
management  and  security;  VPN 
termination;  and  XML  data  deliv¬ 
ery.  The  product  is  intended 
to  let  enterprise  users  with 
dual-mode  voice-over-WLAN 
(VoWi-Fi)  and  cellular  handsets, 


or  handheld  devices  access  a 
corporate  VoIP  and  data  net¬ 
work  from  anywhere. 

Divitas  is  to  announce  itself  as  a 
company  Monday  Its  product  is 
expected  to  be  launched  in  July 

“So  far,  the  industry  has  not 
done  a  good  job  with  VoIP  and 
mobility”  says  Vivek  Khuller, 
Divitas  CEO.  Two  issues  are  the 
lack  of  fast  roaming  and  QoS  on 
internal  VoIP-enabled  WLANs,  he 
says.  Another  is  the  complicated 
technology  behind  handing  off 
live  calls  between  an  internal 
VoWi-Fi  and  external  cellular 
network.  While  dual-mode 
Wi-Fi/cellular  handsets  are 
emerging  from  Motorola  and 


Nokia,  most  handsets  offer  an 
either-or  technology  —  VoWi-Fi 
or  cell  phone  calls  must  start 
and  end  on  each  respective 
technology  and  network. 

Divitas’  Mobility  Communi¬ 
cations  Platform  is  a  Linux-based 
appliance  with  customized  ASCI 
software  technology  It  sits  outside 
a  corporate  firewall  and  works 
with  a  similar  unit  running  inside 
the  security  perimeter.  The  device 
inside  the  firewall  ties  into  a  cor¬ 
porate  IP  PBX  via  a  Session 
Initiation  Protocol  trunk,  allowing 
internal  IP  desk  phones  and  dual¬ 
mode  sets  to  be  on  the  same  dial 
plan.  An  Asterisk  IP  PBX  compo¬ 
nent  on  the  appliance  handles  all 
call  control  for  wireless  clients, 
and  also  acts  as  a  proxy  for  exter¬ 
nal  public  switch  telephone  net¬ 
work  and  cellular  network  access. 

The  appliance  also  acts  as  a 
WLAN  controller  for  handset 
clients  attached  to  802.1  la/b/g 
networks.  It  tracks  the  connectiv¬ 
ity  status  of  all  Divitas-enabled 
devices,  and  manages  Layer  2 
and  Layer  3  WLAN  roaming, 
address  translation  and  QoS  set¬ 
tings  as  users  move  among 
WLAN  access  points. 

The  Mobility  Communications 
Platform  appliance  sitting  outside 
the  firewall  links  in  dual-mode 
handsets  connecting  via  a  Wi-Fi 
hot  spot.  VPN  software  creates  a 


secure  tunnel  between  the  phone 
client  software  and  the  appliance, 
allowing  access  to  a  corporate 
VoWi-Fi  network.  The  hardware 
appliances  and  handset  software 
also  run  the  Divitas  Description 
Protocol  (DDP),  which  communi¬ 
cates  the  WLAN  signal  strength 
and  connection  quality  of  the 
external  WLAN.  When  users  move 
out  of  signal  range  of  a  Wi-Fi  hot 
spot,  DDP  alerts  the  appliance, 
which  places  a  cellular  network 
call  to  the  handset;  this  cellular 
call  is  patched  into  the  live  VoWi-Fi 
call,  and  the  conversation  shifts  to 
the  cellular  network  without 
being  dropped,  Khuller  says. 

In  addition  to  voice,  the 
Mobility  Communications  Plat¬ 
form  runs  an  XML  Web  services 
stack,  which  can  deliver  appli¬ 


cations  to  mobile  devices  run¬ 
ning  the  Divitas  client  software. 
XML  running  on  the  client  and 
the  appliance  could  give  access 
to  corporate  applications  and 
data  resources  for  mobile  users 
with  Windows  CE  or  smart¬ 
phone  devices. 

Divitas  faces  competition  from 
much  larger  network,  mobile  and 
telecom  vendors,  as  well  as  carri¬ 
ers  that  also  are  trying  to  solve  the 
problem  of  converging  desktop 
and  mobile-phone  technology. 
Avaya  and  Motorola  have  a  prod¬ 
uct  package  that  allows  for  cellu¬ 
lar/WLAN  handoffs  between 
Avaya  PBX  networks  and  cellular 
carriers.  Cisco  also  has  dual-mode 
and  cellular/Wi-Fi  interoperability 
with  Nokia  handsets  that  can 
work  on  cellular  or  Cisco  VoIP 
nets.  Siemens,  Lucent  and  Alcatel 
are  working  on  gear  that  will  let 
carriers  offer  services. 

“This  is  going  to  be  a  huge,  huge 
market,”  says  Craig  Mathias,  princi¬ 
pal  of  the  Farpoint  Group.  “This  is 
a  whole  new  industry,  and  very 
much  the  future  of  wireless.” 

Mathias  estimates  there  are 
about  25  vendors  and  carriers 
building  products,  “from  start-ups 
like  Divitas,  to  big  companies  like 
Avaya,”  that  will  converge  cellular 
and  WLAN  voice  technology. 
“Most  enterprises  are  completely 
unaware  that  there’s  lots  of  sensi¬ 
tive  data  sitting  on  devices  they 
have  no  control  over.  Big  compa¬ 
nies  that  have  corporate  secrets 
all  over  the  place  on  unsecured 
cell  phones  have  to  figure  out 
how  to  manage  that.” 

The  product’s  cost  will  range 
from  $250  to  $500  per  user.  It 
requires  an  existing  WLAN  and  IP 
PBX  infrastructure.  ■ 


ConSentry  adds 
switching  to 
access  control 

BY  TIM  GREENE 

ConSentry  is  introducing  a  product  that  incorporates  its  network 
access-control  hardware  and  software  into  an  Ethernet  switch,  making 
it  possible  to  enforce  access  policies  on  a  port-by-port  basis. 

The  CS4048  LANShield  Switch  performs  all  the  functions  of  the  com¬ 
pany’s  previous  policy  appliance  called  Secure  LAN  Controller  but  can 
restrict  access  to  individual  switch  ports  rather  than  entire  switches. 

Both  devices  control  access  to  the  network,  show  what  each  user  is 
doing,  manage  what  resources  individuals  and  groups  can  reach,  and 
stop  the  spread  of  viruses  and  worms. 

The  new  device  can  shut  down  malicious  outbreaks  more  surgi¬ 
cally,  says  Steven  Olsen,  infrastructure  manager  for  the  Las  Vegas 
Review-Journal  newspaper,  who  uses  the  Secure  LAN  Controller 
and  is  considering  the  LANShield  Switch  as  the  company  upgrades 
its  network  to  10G  Ethernet.  If  the  security-monitoring  gear  in  the 
switch  detects  behavior  from  a  desktop  that  indicates  a  virus  or 
worm  is  at  work,  it  can  shut  down  the  port  that  machine  is  con¬ 
nected  to  without  affecting  other  machines  connected  to  the  same 
switch,  Olsen  says. 

The  Secure  LAN  Controller  sits  between  workgroup  switches  and  core 
switches.  It  monitors  traffic  and  enforces  policies  but  cannot  shut  down 
individual  switch  ports.  If  it  discovers  an  outbreak,  it  has  to  shut  down 
the  entire  switch  from  which  the  outbreak  originates. “If  the  controller 
was  connected  to  a  72-port  switch,  then  connectivity  would  be  lost  to 
all  72  computers  on  that  switch,”  Olsen  says. 

The  downside  of  the  new  LANShield  Switch  is  that  it  requires  replac¬ 
ing  switches,  Olsen  says.An  advantage  of  LAN  Controller  is  that  it  affords 
access  protection  without  requiring  other  infrastructure  upgrades. 

CS4048  LANShield  Switch  is  expected  to  be  available  in  the  third 
quarter  and  cost  about  $15,000.  It  includes  44  copper  and  four  fiber 
Gigabit  Ethernet  ports  and  has  two  optional  lOGpbs  Ethernet  ports. 
ConSentry  has  not  set  the  price  for  the  lOGbps  uplinks.  ■ 


MessageOne  adds 
e-mail  mgmt.  options 

BY  JOHN  FONTANA 

E-mail  management  service  provider  MessageOne  this  week  is 
expected  to  add  a  range  of  hosted  services  that  let  customers  out¬ 
source  archiving,  recovery  and  encryption  while  integrating  them 
with  their  on-premise  deployments  of  Microsoft  Exchange. 

The  offerings  extend  MessageOne’s  Email  Management  Services 
(EMS)  platform.  The  company  also  is  adding  an  option  for  the 
Research  in  Motion  BlackBerry  to  its  Email  Continuity  service 
announced  last  year. The  service  ensures  that  e-mail  flows  regardless 
of  any  outages  on  the  local  e-mail  environment.  The  original  conti¬ 
nuity  service  supports  both  Exchange  and  Lotus  Notes/Domino,  but 
this  week’s  new  services  are  targeted  initially  only  at  Exchange. 

“Compared  to  the  complexity  of  clustering  and  outside  data  stores, 
which  we  have  for  other  systems,  this  is  a  very  simple  and  inexpen¬ 
sive  solution,”  says  Treg  Russell,  CIO  of  Texas  Medical  Liability  Trust  in 
Austin.  Russell  is  in  the  process  of  building  an  Exchange  cluster  but 
plans  to  keep  his  MessageOne  service.'Tt  is  an  additional  layer  of  pro- 

See  MessageOne,  page  14 


How  long  have  you  been  putting  up  with  servers  that  waste  power;  waste  money,  and  thanks  to  slow  performance  waste 
everyone’s  time?  Now  you  can  make  your  data  center  the  coolest  room  in  the  building  without  replacing  your  existing 
power  and  cooling  envelope.  AMD  Opteron™  processor-based  servers,  on  the  other  hand,  are  designed  to  run  efficiently, 
run  cool,  and  thanks  to  dual-core  technology  deliver  increased  performance.To  learn  more  about  maximum  performance, 
cost  savings,  and  the  power  of  cool  visit  www.amd.com/lessenergy 
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Rootkits 

continued  from  page  1 

great  resource  for  anti-virus  com¬ 
panies  and  others.  Without  it, 
they’d  be  far  behind  in  their 
understanding  of  rootkits." 

No  one  with  a  profoundly  mali¬ 
cious  intent  would  post  his  rootkit 
on  the  site,  because  it  would  be 
publicly  analyzed  for  detection 
purposes,  Hoglund  says.  He  con¬ 
cedes,  however,  that  out  of  the  tens 
of  thousands  of  Rootkit  partici¬ 
pants,  there  are  bound  to  be  those 
whose  intent  is  to  exploit  rather 
than  learn. 

Anti-virus  vendor  Trend  Micro 
says  the  Rootkit  Web  site  cuts 
both  ways. 

“We  need  those  open  source 
people,”  says  David  Perry  global 
director  of  education  at  Trend 
Micro.  “They  uncover  things.  It’s  a 
laboratory  of  computer  science. 
They  demand  the  intellectual 
right  to  discuss  this.” 

That  said,  Perry  notes  there  are  a 
lot  of  hacker  wannabes  who 
would  be  drawn  to  using  the 
Rootkit  site  “as  one-stop  shopping 
for  them  to  pick  up  the  tools.” 

Designing  a  rootkit  is  a  com¬ 
plex  programming  process.  Hog¬ 
lund  says  there  are  probably  no 
more  than  20  or  30  main  types 
today,  along  with  a  wide  number 
of  variants. 

Detecting  rootkits  has  be¬ 
come  a  software  research  fron¬ 


tier,  but  eradicating  them  and 
what  they  hide  is  proving  even 
more  difficult. 

“I  don’t  think  it’s  fair  to  say  Root 
kit.com  is  abetting  the  spread  of 
rootkits.  They  were  present  before 
Rootkit.com,”  says  co-author  But¬ 
ler,  CTO  at  Komoku.  Komoku  is 
getting  ready  to  release  a  rootkit- 
detector  code-named  Gamma. 

Butler  says  Rootkit.com  has 
made  it  easier  to  use  such  soft- 
ware.“Technology  being  deployed 
today  is  now  more  sophisticated 
than  it  was  two  years  ago.  It’s  very 
advanced,”  he  says. 

“Eradication  is  extremely  diffi¬ 
cult  to  do  in  100%  of  the  cases, 
while  restoring  a  system  and 
keeping  it  stable,”  Butler  says. 
Some  rootkits  that  can  get  into 
the  [basic  input/output  system] 
might  make  it  advisable  “to  throw 
the  computer  away”  if  you  want 
to  be  sure  you  got  rid  of  the 
rootkit,  he  says. 

A  Microsoft  official  offered 
similar  advice  two  weeks  ago  at 
the  InfoSec  Conference  in 
Orlando  (see  www.nwdoc 
finder.com/  3049). 

Rootkits  with  names  including 
HackerDefender,  AFXRootkit, 
PWS-Progent  and  FURootkit  are 
cited  by  McAfee  as  among  the 
most  prevalent  today 

The  trend  is  toward  embedding 
stealth  technologies  with  varying 
forms  of  spyware  and  malware, 
such  as  Backdoor-CEB,  AdClicker- 


BA,  W32/Feebs,  Backdoor-CTY 
Qoolaid,  PWS-LDPinch,  Opanki. 
worm,  and  W32/Sdbot.worm. 

This  makes  it  harder  to  detect 
and  eradicate  spyware,  adware 
and  other  unwanted  code, 
McAfee’s  McClure  says. 

The  growing  fear  in  the  security 
world  is  that  it  won’t  be  long 
before  someone  creates  a  worm 


that  can  scan  networks  for  vulner¬ 
abilities  and  then  effectively  de¬ 
liver  a  malicious  payload  —  such 
as  something  that  can  wipe  out 
files,  change  data  or  spy  on  orga¬ 
nizations  —  that  can  be  kept  hid¬ 
den  by  a  well-made  rootkit. 

“It’s  quite  possible,  once  you’ve 
got  a  piece  of  code  on  someone’s 
computer/  Perry  says.  ■ 


Google  launches 
calendar  service 

BY  ROBERT  MCMILLAN,  IDG  NEWS  SERVICE 

Google  has  launched  a  Web-based  calendar  service  that  will  let  users 
add  meetings  and  events  using  their  own  words. 

In  development  for  several  months,  the  service  initially  will  be  inte¬ 
grated  with  Google’s  Gmail  e-mail  service, says  Google’s  Carl  Sjogereen. 

He  declined  to  say  what  connection  the  project  might  have  with 
OpenOffice.org’s  open  source  alternative  to  Office,  which  Google  has 
backed,  but  he  hinted  that  Google  Calendar  could  be  integrated  with 
things  like  Google’s  personalized  home  pages.“Gmail  is  the  main  inte¬ 
gration  point  for  now,  but  you  can  imagine  integration  with  a  number 
of  other  Google  properties,”  he  says. 

Gmail  will  take  advantage  of  Google  Calendar’s  ability  to  understand 
language  and  create  calendar  entries  quickly  Google  Calendar  users 
can  create  new  events  from  their  Gmail  messages  or  use  QuickAdd  to 
add  appointments  using  natural  language  —  typing  “lunch  with  Pat 
noon  Friday/’  to  create  a  new  calendar  entry  for  example. 

Google  Calendar  will  let  users  search  for  and  then  subscribe  to  pub¬ 
licly  available  calendars  —  the  schedule  of  a  local  baseball  team,  for 
example  —  then  integrate  that  information  into  their  own  calendars. 

Google  Calendar, which  will  support  the  iCal  data  exchange  standard, 
will  let  users  share  their  calendars  using  RSS  syndication  technology  ■ 


MessageOne 

continued  from  page  12 

tection,”  he  says.  “If  you  can  get 
one  cheap  and  have  that  extra 
security  it  is  worth  doing." 

Russell  has  added  the  archiving 
and  BlackBerry  services  to  his 
MessageOne  menu. 

“The  one  downside  with  this 
[Continuity]  service  is  you  did 
not  have  historical  e-mail,”  he 
says.  “Most  people  work  off  the 
e-mail  they  had  yesterday  or  the 
day  before.’The  archiving  service 
gives  Russell  that  trail  and  lets 
him  set  a  time  range  when  e-mail 
is  archived  on  a  per-group  or 
user  basis. 

“This  is  not  a  complete  disas¬ 
ter-recovery  solution,  but  it  can 
handle  95%  to  99%  of  your 
needs,”  he  says. 

MessageOne,  which  competes 
with  Microsoft’s  Exchange  Hosted 
Services,  Pbstini  and  Message- 
Labs,  kicks  in  if  the  local  Ex¬ 
change  environment  goes  down. 


E-mail  is  funneled  to  the  Message- 
One  service  and  replicated  back 
to  the  Exchange  environment 
when  it  is  restored.  To  integrate 
with  the  service,  customers  need 
to  deploy  a  MessageOne  synchro¬ 
nization  engine  behind  their  fire¬ 


wall  and  install  agents  on  Ex¬ 
change  servers. 

With  the  archiving  service, 
MessageOne  has  included 
search  and  retrieval  capabilities 
similar  to  those  of  online  search 
engines.  Users  can  see  search 


results  returned  and  refined  as 
they  type  keywords  into  the 
browser  interface.  The  archive 
service  also  supports  nearly  400 
types  of  attachments  and  pro¬ 
vides  a  one-button  restore  fea¬ 
ture  for  users  retrieving  e-mail. 

The  recovery  service  lets  users 
recover  lost  e-mail  by  entering 
dates  and  times  of  an  outage 
and  the  users,  servers  and  stor¬ 
age  groups  affected.  The  service 
then  packages  the  e-mail  into  a 
recovery  archive,  and  users  can 
restore  the  e-mail  to  their 
Exchange  servers  using  EMS 
Recovery  Manager 

The  encryption  service  provides 
encryption  during  transport  and 
storage,  and  the  BlackBerry  conti¬ 
nuity  service  is  a  failover  for  users 
of  the  mobile  device  that  ensures 
they  never  are  without  e-mail. 

The  MessageOne  platform  is 
priced  at  $6  per  user  per  month 
based  on  250  users.The  individual 
services  are  priced  from  $1  to  $3 
and  5GB  of  storage  is  $5.  ■ 


Hosted  help  for  Exchange  shops 

MessageOne  is  adding  features  to  its  hosted  Email 
Management  Services  platform  for  Microsoft  Exchange, 


Service 

Features 

Price  per 
user,  per 
month* 

Archive 

Full  integration  with  Windows  Authentication  to  make 
sure  that  passwords  remain  secure. 

S3 

Recovery  Restores  message  back  to  last  known  good  backup. 

SI 

Encryption  Gateway-to-gateway  encryption. 

S1.50 

BlackBerry 

All  traffic  complies  with  BlackBerry  3DES  encryption; 

S1.50 

’ 

Continuity  i  no  user  device  reconfiguration  required. 

'  The  EMS  Bundle  includes  the  four  new  services  plus  EMS  Email  Continuity  for  $6 
per  user,  per  month. 
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engineers, 


with  the  amount  of  money  wasted  by 
non-AMD  powered  servers. 


How  long  have  you  fc  en  putting  up  with  servers  that  waste  power;  waste  money,  and  thanks  to  slow  performance  waste 
everyone's  time?  Now  you  can  make  your  data  center  the  coolest  room  in  the  building  without  replacing  your  existing 
power  and  cooling  enve  >pe.  AMD  Opteron™  processor-based  servers,  on  the  other  hand,  are  designed  to  run  efficiently, 
run  cool,  and  thanks  to  dual-core  technology  deliver  increased  performance. To  learn  more  about  maximum  performance, 
cost  savings,  and  the  power  of  cool  visit  www.amd.com/lessenergy 
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Rugged 

continued  from  page  1 

hung  a  scanner  by  its  telephone¬ 
like  stretch  cord  from  the  back  of 
the  small,  nimble,  propane-pow¬ 
ered  forklift.  Each  driver  would 
take  turns  barreling  the  truck 
toward  the  wall  and  at  the  last 
second  swerving  away  jerking  the 
scanner  up  and  whipping  it 
around  to  whack  the  chalk  tar¬ 
get.  Each  contestant  was  scored 
based  on  how  close  he  came  to 
the  target. 

Alistair  Hamilton,  Symbol’s  vice 
president  of  industrial  design,  still 
sounds  as  if  he  can  hardly 
believe  it.“What  does  this  do  to 
my  ‘rugged  specification’  for  this 
product?”  he  asks  rhetorically“It’s 
a  problem  that  we  identified  as  a 
whole  new  level  of  durability  that 
we  have  to  think  about  here.” 

Meet  the  unsung  and  unseen 
heroes  of  rugged  computing. 

Hamilton,  along  with  William 
Erler  of  Itronix.and  William 
Roeder  of  LXE,  oversee  their 
respective  company’s  design 
teams  that  puzzle  over  how  to 
make  a  range  of  products  that 
will  stand  up  to  heavy  hard  use 
in  demanding  environments. 

Hamilton  set  out  to  be  a 
mechanical  engineer  but  found 
the  discipline  too  constrained.“I 
wanted  to  look  at  bigger  system 
design,  and  be  a  bit  more  cre¬ 
ative  and  out  there,”  he  says.  He 
switched  to  industrial  design  and 
landed  at  Symbol  eight  years  ago. 

His  comment  expresses  an 
intellectual  restlessness  that 
seems  common  to  all  three  men, 
in  a  field  that  could  be  called 
extreme  engineering.  Itronix’s 
Erler,  for  example,  is  an  avid  rock 
climber  when  he  gets  away  from 
his  workstation.  Now  senior 
design  manager  for  mechanical 
engineering,  Erler,  50,  got  his  start 
as  a  component  designer  for  cir- 
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Rugged  computers  have  to  be  easy  to  use  in  harsh  conditions.  Here,  a  user 
wearing  gloves  uses  a  LXE  MX5  Windows  computer  and  scanner  to  read  bar 
codes  in  a  freezer. 


cuit  boards.“We’re  putting  as 
much  equipment  into  a  small 
package  as  possible,”  he  says.'T 
liken  it  to  a  puzzle.” 

Roeder,  52,  vice  president  of 
product  development  at  LXE, 
joined  the  company  19  years  ago 
to  manage  the  engineering 
department.“We  needed  a  new 
handheld  terminal  kind  of  badly?’ 
he  recalls.  Rugged  design  has 
offered  challenges  ever  since. 

‘Beat  to  hell' 

All  the  challenges  spring  from 
one  irreducible  fact. 

“The  biggest  problem  is  it  gets 
beat  to  hell,”  LXE’s  Roeder  says. 

Rugged  computers  are  sub¬ 
jected  to  rain,  grease,  freezing 
cold,  baking  heat,  vibration, 
crashes,  drops,  wear,  and  a  thou¬ 
sand  other  stresses  not  suffered 
by  standard  PCs  in  a  carpeted 
office. 

Total  2004  U.S.  sales  for  rugged 
mobile  computers  was  $1.9  bil¬ 
lion  and  is  expected  to  reach 
$2.2  billion  in  2006,  according  to 
Venture  Development  Corp. 
(VDC),a  market  research  firm. 

VDC  analyst  David  Krebs  esti¬ 
mates  that  dollar  sales  of  rugged 
laptops  and  tablets  are  about 
l/30th  of  their  non-rugged  coun¬ 
terparts.  Main  markets  include 
the  military,  manufacturing,  logis¬ 
tics,  warehousing,  field  service, 
public  safety  retail  and  now 
healthcare. 

And  they’re  moving  into  the 
mainstream.  Itronix  last  year 
introduced  its  first  semirugged 
laptop,  the  VR-1 ,  including  a 
model  licensed  with  General 
Motor’s  Hummer  brand  name. 
Included  are  durable  features 
such  as  a  magnesium  alloy  case 
(magnesium  being  the  metal  of 
choice  among  rugged  design¬ 
ers),  stainless-steel  hinges  and  a 
shock-mounted  80GB  hard  drive. 

Panasonic’s  ToughBook  division 
last  year  launched  the  first  TV  ad 
campaign  aimed  at  a  general 
mobile  audience.The  ads  show  a 
laptop  slipping  from  a  briefcase 
and  shattering  into  hundreds  of 
pieces,  and  keyboards  soaking 
up  spilled  lattes  like  sponges. 
ToughBooks  are  shown  enduring 
these  indignities. 

A  blend  of  art  and  science 

Designing  computers  to  endure 
great  punishment  is  a  blend  of 
art  and  science. 

Symbol’s  design  team  includes 
industrial  designers,  mechanical 
engineers,  human-factors  special¬ 


ists  and  what  Symbol’s  Hamilton 
calls  anthropologists,  though 
most  of  them  have  psychology 
degrees.They  study  in  effect,  the 
tribal  behavior  of  rugged  com¬ 
puting  customers. 

“It’s  really  about  observation,” 
Hamilton  says.  Symbol’s  re¬ 
searchers  saw  users  tying  string 
to  the  underside  of  the  MC9000 
handheld  to  carry  it  like  a  lunch 
pail.  Designers  added  hooks  and 
a  strap  to  the  device. 

“It’s  all  about  trade-offs,”  Roeder 
says.“You  struggle  with  conflict¬ 
ing  goals.” 

Sealing  secrets 

The  conflicts  are  manifest  in 
sealing  a  computer  against  liq¬ 
uids  and  dust.Teople  don’t  real¬ 
ize  how  many  openings  there 
are  in  a  typical  laptop,”  Itronix’s 
Erler  says. 

Sealing  usually  combines  vari¬ 
ous  technologies  and  is  a  big 
determinant  of  the  computer’s 
overall  structure.  Designers  rely 
on  intricate  combinations  of 
grooves  and  grips,  different  plas¬ 
tics  and  various  sizes  of  ‘O’  rings 
or  other  rubber  or  rubberlike 
gaskets. 

But  if  you  seal  the  computer, 
how  do  you  dissipate  the  heat 
generated  by  its  internal  elec¬ 
tronics,  especially  the  increas¬ 
ingly  powerful  CPU?  Itronix 
engineers  created  a  way  to  con¬ 
duct  heat  from  the  inside  to  the 
outside,  Erler  says.  Instead  of 
using  aluminum  heat  sinks, 
which  are  essentially  ridged 
structures  that  conduct  heat, 
Itronix  uses  a  web  of  tiny  cop¬ 
per  pipes  that  carry  the  heat  far 
more  efficiently  and  almost 
instantly  to  a  set  of  magnesium 


fins  outside  the  sealed  surface. 

The  science  of  drops 

The  seals,  like  everything  else 
on  a  rugged  computer,  have  to 
withstand  repeated  drops  and 
constant  vibration,  two  very  dif¬ 
ferent  forms  of  stress.The  weakest 
points  in  a  laptop  are  the  display 
and  the  hard  drive. 

As  a  dropped  computer  falls,  it 
accelerates.  When  it  hits  the  floor, 
it  decelerates  abruptly  but  be¬ 
cause  of  momentum,  the  interior 
components  want  to  keep  going. 
Standard  components  will  break 
and  fly  apart  under  these  G- 
forces.'Tn  a  typical  drop,  you 
might  see  a  couple  of  thousand 
G’s  moving  directly  into  the  unit,” 
Erler  says.“The  typical  hard  drive 
will  not  survive  that.” 

So  designers  create  an  exter¬ 
nal  case,  and  an  internal  skele¬ 
ton,  that’s  as  rigid  as  possible. 
Then,  they  cushion  components 
such  as  the  hard  drive  with  a  gel 
or  foam  shock  mounting.  But 
the  most  critical  variable  is  leav¬ 
ing  enough  room,  called  sway 
space,  inside  the  computer  for 
the  cushioned  hard  drive  to 
move,  allowing  it  to  decelerate 
slow!y.“You  want  a  managed, 
absorbed  movement  inside,” 
Hamilton  says. 

Symbol’s  MC9000  line,  intro¬ 


duced  two  years  ago,  used  a 
unique  design  to  deal  with  shock 
and  vibration. The  housing  is 
about  25%  thicker  than  compara¬ 
ble  products,  the  electronics  are 
a  free-floating  package  in  a  mag¬ 
nesium  frame  to  absorb  shock 
and  minimize  flexing. The  halves 
fit  together  in  a  way  that  creates, 
in  effect,  a  tube. 

“It  creates  a  phenomenally 
strong  package,”  Hamilton  says. 
“We  have  videos  from  our  cus¬ 
tomers  of  the  thing  being  thrown 
off  the  roof  of  a  small  building, 
bouncing  around  the  parking  lot, 
and  it  still  scans.” 

Designers  also  focus  on  usabil¬ 
ity.  For  its  GoBook  laptops, 

Itronix  engineers  created  the 
bat  hook,  borrowing  a  moun¬ 
taineering  term  that  describes  a 
metal  hook  driven  into  a  rock 
wall  to  support  climbing  gear. 

On  the  GoBook,  the  bat  hook  is 
an  offset  handle  mounted  at  the 
rear. The  user  can  securely  hook 
the  handle  over  any  vertical 
edge,  such  as  a  steering  wheel, 
ladder  or  the  metal  door  of  an 
electrical  breaker  box,  creating 
a  stable  work  surface. 

Test  it  till  it  breaks 

Testing  the  products  is  a  key 
part  of  the  design  process,  and  as 
ingenious  as  the  actual  designs. 

Itronix  testers  dropped  GoBook 
laptops  52  times  from  a  height  of 
3  feet,  with  the  display  closed, 
and  with  it  open.  It  sat  for  four 
hours  in  an  automated  rain 
chamber,  which  allows  the  vol¬ 
ume  and  rate  of  water  fall  to  be 
calibrated.  Symbol  put  the 
MC9000  in  a  machine  resembling 
an  oversized  clothes  dryer  to 
replicate  thousands  of  tumbles. 

In  other  tests,  the  computers  are 
strapped  to  machines  that  simu¬ 
late  shaking  or  vibration,  or  drops 
from  various  heights.  LXE  uses  a 
device  that  presses  a  steel  rod 
repeatedly  to  the  display  screen 
to  test  its  durability 

“We  test  it  until  it  fails,  then  we 
find  the  failure  point,  and  tweak 
the  design  from  there,”  Symbol’s 
Hamilton  says.B 
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HP  ProLiant  BL35p  BLADE  SERVER 


with  ProLiant  Essentials  Management  Software 

•  Up  to  2  Dual-Core  AMD  Opteron™  200  Series  processors 

•  High  density:  Up  to  96  servers  per  rack 

■  Flexible/Open:  Integrates  with  existing  infrastructure 

■  HP  Systems  Insight  Manager™:  Web-based  networked 
management  through  a  single  console 


Chaos,  now  under 
your  control. 


Rapid  Deployment  Pack:  For  ease  of  deployment  and 
ongoing  provisioning  and  reprovisioning 


HP  BladeSystem  servers  offer  tools  to  help  you  keep  pace  with  fluctuating  demands.  The  HP 


•  Integrated  Cisco  or  Nortel  switch  options 

Save  up  to  $1,200  instantly  on  the  purchase  of  the 
HP  Proliant  BL35p  Blade  Server.’ 


ProLiant  BL35p  Blade  Server  is  designed  to  relieve  some  of  the  stress.  Its  AMD  Opteron™ 
processors  offer  dual-processor  power  with  breakthrough  efficiency.  With  management 
features  like  the  Rapid  Deployment  Pack  that  lets  you  deploy  and  redeploy  blades  without 
missing  a  beat,  and  a  single-view,  graphical  user  interface  that  streamlines  monitoring 
and  configuration,  HP  BladeSystem  servers  work  with  you  so  you  don't  have  to  work  so 


HP  STORAGEWORKS  MSA1500cs 


with  StorageWorks  Essentials  Management  Software 
■  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

•  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

•  Ability  to  mix  SCSI  and  Serial  ATA  enclosures  for 
greater  flexibility 

•  2GB/1GB  Fibre  connections  to  host 

Get  2TB  of  storage  free  ($2,008.80  value)’ 


hard.  And,  bundled  with  the  StorageWorks  MSA1500cs,  you  can  reduce  the  cost  and 
complexity  of  deploying  a  storage  area  network  giving  you  a  better  return  on  investment. 

Save  up  to  $1,200  instantly  on  the  purchase  of  the  HP  ProLiant  BL35p  Blade  Server.’ 
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AMD 


Opteron 


Call  1-888-223-5441 
Click  hp.com/go/bladesmag49 
Visit  your  local  reseller 


1 .  Save  up  to  $1 ,200  instantly  on  the  purchase  of  the  HP  ProLiant  BL35p  Blade  Server.  Offer  valid  through  4/30/06. 2.  Receive  up  to  2TB  of  storage  free  with  purchase  of  HP  StorageWorks  Modular  Smart  Array  1500cs  devices.  Offer  valid  through  4/30/06.  All  offers  available 
from  HP  Direct  and  participating  resellers.  Prices  shown  are  HP  Direct  prices,  are  subject  to  change  and  do  not  include  applicable  state  and  local  sales  tax  or  shipping  to  recipient's  destination.  Reseller  prices  may  vary.  See  Web  site  for  full  details.  Photography  may  not 
accurately  represent  exact  configurations  priced.  Associated  values  represent  HP  published  list  price.  AMD,  the  AMD  Arrow  Logo,  AMD  Opteron  and  combinations  thereof  are  trademarks  of  Advanced  Micro  Devices,  Inc.  ©2006  Hewlett-Packard  Development  Company.  L.P. 


The  industry's  first  line-rate  10  Gigabit  intrusion  detection 
and  prevention  system 

Predictable  performance  under  any  load 

From  the  team  that  was  first  to  bring  you  line-rate  10  Gigabit 
switching  and  routing 

Force  10  Networks: 

Building  and  Securing  High  Performance  Networks 
Learn  more  at  force10networks.com/security 
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The  ForcelO  P-Series 


Monitor 


Capture 


Protect 


Introducing  the  First  Line-Rate 
10  Gigabit  Security  Appliance 
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Short  Takes 


ForcelO  scales  IPS  to  10G  Ethernet 


bIBM  researchers  have  developed 
encryption  technology  that  can  be 
built  directly  into  a  microprocessor 
to  help  lock  down  data  in  mobile 
phones,  PDAs,  digital  media  players 
and  other  devices,  the  company  said 
last  week.  IBM  can  customize  the 
encryption  technology,  code-name 
Secure  Blue,  for  use  in  consumer 
electronics,  medical  and  government 
applications,  and  digital  media.  IBM 
is  building  the  technology  into  its 
Power  processor  but  says  the  tech¬ 
nology  also  will  work  in  processors 
from  other  chip  makers. 

B  McAfee  has  jazzed  up  its  Web 
site  with  a  new  online  portal  de¬ 
signed  to  help  users  research  a  wide 
range  of  security  problems.  The 
McAfee  Threat  Center  was 
launched  last  week  as  part  of  a 
redesign  of  the  McAfee.com  Web 
site.  In  addition  to  virus  information, 
the  portal  contains  new  information 
from  the  company's  Avert  Labs  divi¬ 
sion  on  spam,  phishing  and  spyware, 
as  well  as  free  tools  and  articles 
from  McAfee  security  experts.  Se¬ 
curity  researchers  have  no  shortage 
of  free  information  sources  these 
days.  The  U.S.  government  main¬ 
tains  a  comprehensive  information 
portal  on  security  vulnerabilities  at 
www.us-cert.gov,  and  security  the 
SANS  Institute  runs  its  own  com¬ 
munity-based  security  information 
portal  at  www.incidents.org. 

B  Nortel  has  named  an  IBM  execu¬ 
tive  to  head  its  Global  Services  divi¬ 
sion.  Dietmar  Wendt  will  be  president 
of  Global  Services  effective  May  1. 

He  will  report  to  Nortel  President  and 
CEO  Mike  Zafirovski.  Wendt  will  be 
responsible  for  the  financial  perfor¬ 
mance  and  portfolio  development  of 
the  company's  Global  Services  busi¬ 
ness.  Zafirovski  recently  said  that 
services  would  be  one  of  six  key 
areas  on  which  Nortel  will  focus,  not¬ 
ing  that  services  and  applications 
account  for  less  than  20%  of  the 
company’s  revenue.  Nortel  hopes  to 
double  services  revenue  in  the  next 
three  to  five  years. 


BY  PHIL  HOCHMUTH 

ForcelO  Networks  is  expected  to  launch 
this  week  its  first  security  product  that  lets 
customers  inspect  traffic  and  enforce 
intrusion-detection  and  intrusion-preven¬ 
tion  system  rules  to  traffic  flows  moving  as 
fast  as  10Gbps,the  vendor  says. 

A  P-Series  appliance,  which  employs  what 
ForcelO  calls  a  dynamic  parallel  inspection 
technique,  could  be  deployed  as  a  single 
security  gateway  device  in  front  of  a  large 
data  center, or  in  a  carrier  or  Internet  portal 
network,  where  large  volumes  of  traffic 
must  be  screened  for  malicious  packets 
and  attack  signatures. 

The  P-Series  is  a  hardened  Linux-based 
appliance  that  comes  in  two  models:  the 
PI,  a  dual-port  Gigabit  Ethernet  version; 
and  the  P10,a  box  with  two  10G  Ethernet 
ports.  The  P-Series  uses  the  open  source 
Snort  IDS/IPS  signature  inspection  tech¬ 
nology,  Force  10  says.  It  implements  Snort 
with  a  combination  of  10G  Ethernet  and 
programmable  silicon  that  enable  it  to  en- 


BY  JOHN  COX 

Siemens  is  set  to  unveil  this  week  wireless 
LAN  management  software  that  includes 
intrusion  detection  and  prevention. 

The  HiPath  Wireless  Manager  Advanced 
(HWMA)  application  lets  administrators 
monitor  and  analyze  traffic  passing  over 
a  wireless  link,  and  block  or  break  suspi¬ 
cious  wireless  connections.  Algorithms 
identify  specific  types  of  wireless  attacks 
and  suspicious  traffic. 

The  new  server  program,  with  compan¬ 
ion  agents  that  run  on  Siemens’  HiPath 
access  points,  is  based  on  software 
licensed  from  AirTight  Networks,  which 
introduced  its  SpectraGuard  Enterprise 
WLAN  intrusion  detection/prevention 
software  in  late  2004.  Siemens  has  taken 
this  software  and  made  it  the  native  man¬ 
agement  package  for  its  HiPath  WLAN 
controllers  and  thin  access  points,  which 
it  acquired  a  year  ago  when  it  bought 
Chantry  Networks. 

WLAN  vendors  have  been  supporting 
the  IEEE  802.1  li,  but  Hi  focuses  on  en¬ 
crypting  data  and  authenticating  users. 
Wireless  intrusions,  such  as  a  rogue  ac¬ 
cess  point  masquerading  as  a  lawful  en- 


ForcelO’s  P-Series  appliance  lets  data  center 
customers  deploy  a  single,  high-speed  secur¬ 
ity  device  to  screen  traffic. 


force  as  many  as  1,000  Snort  rules  on  traf¬ 
fic  volumes  up  to  lOGbps,  without  im¬ 
peding  flows  or  dropping  packets.  Force  10 
says  its  technology,  which  it  acquired  from 
security  start-up  MetaNetworks  last  No¬ 
vember,  introduces  one  microsecond  of 
latency  in  traffic. 

The  Snort  factor 

Dynamic  parallel  processing  uses  repro¬ 
grammable  chips  that  simultaneously 
apply  as  many  as  1,000  Snort  rules  to  in¬ 
coming  packets.  Packet  inspection  and 
rules  are  processed  in  parallel,  as 
opposed  to  serially,  which  allows  for  low 


terprise  node,  aren’t  addressed  by  these 
standards. 

A  group  of  vendors,  including  AirTight, 
AirDefense  and  AirMagnet  (sometimes 
dubbed  the  Air  Brothers),  have  created 
software  that  monitors  and  analyzes  the 
packets  being  sent  over  the  radio  link. 

Siemens  software  costs  between  $1,500 
and  $7,500.  A  license  is  required  for  each 
access  point,  at  a  cost  of  $338. 

The  HiPath  controllers  are  sold  with  a 
basic  management  application  that  lets 
each  controller  manage  the  access  points 
attached  to  it,  and  see  rogue  radios. 

With  the  new  HiPath  software,  adminis¬ 
trators  not  only  can  detect  such  intru¬ 
sions  but  also  block  them,  says  Luc  Roy, 
vice  president  of  product  planning  for 
the  HiPath  group. 

The  software  includes  algorithms  to 
pinpoint  the  location  of  any  radio  to  a 
20-foot-diameter  circle. 

“That’s  more  accurate  than  what  the 
government  requires  for  E91 1,”  Roy  says. 
Using  a  documented  API, customers  and 
third-party  software  vendors  can  access 
this  location  data  and  use  it  in  other 
applications. 


latency,  ForcelO  says.  If  threat  signatures 
are  detected,  the  device  can  drop  the 
packets,  redirect  the  flows,  or  handle  the 
incident  in  a  number  of  other  ways 
allowed  in  Snort. 

“We’re  not  doing  anything  new  with 
Snort,”  says  Steve  Garrison,  vice  president 
of  marketing  for  ForcelO.  “What  we’re 
doing  is  Snort  with  high  speed  and  low 
latency,  so  you  can  put  Snort  in  your  data 
center  or  core.” 

ForcelO  says  the  appliance  could  be  de¬ 
ployed  between  two  core  10G  Ethernet 
switches  inside  a  data  center,  or  on  the 
ingress/egress  point  of  a  data  center.  The 
edge  of  a  high-capacity  WAN  —  such  as 
an  lntern2  research  facility  or  carrier  net¬ 
work,  also  could  use  the  device  to  inspect 
all  incoming  and  outgoing  traffic. 

The  10G  P10  appliance  costs  $95,000 
and  the  lGbps  box  costs  $38,000.  These 
products  compete  with  IDS/IPS  gear  from 
Radware,  Cisco,  3Com’s  TippingPoint  prod- 
See  ForcelO,  page  20 


The  software  collects  a  range  of  perfor¬ 
mance  data  from  the  access  points  and 
displays  the  results  on  a  series  of  WLAN 
maps,  showing  such  things  as  rate 
speeds  of  each  radio  link,  and  the  cover¬ 
age  footprint  of  each  access  point. 

The  radio  frequency  monitoring  also 
makes  remote  troubleshooting  easier.  Users 
only  know  they  can’t  connect  to  the  WLAN, 
but  a  HiPath  administrator  can  run  a  pack¬ 
et  trace,  identify  the  client’s  media  access 
control  address,  and  see  the  user  is  trying  to 
connect  to  a  access  point  using  the  Service 
Set  Identifier  “visitors”  when  the  correct 
name  is  “visitor!’ 

HiPath  access  points  can  be  dedicated 
to  act  as  packet  sniffers,  continuously 
monitoring  radio  frequencies.  Alter¬ 
natively,  access  points  can  periodically 
switch  from  handling  WLAN  traffic  to 
monitoring.  Dedicated  sensors  are  more 
likely  to  be  needed  if  the  WLAN  is  han¬ 
dling  voice  or  video  traffic,  according  to 
Roy.  B 

SECURITY 

Subscribe  to  our  free  newsletter. 

DocFinder:1017  www.MtwtrkwoHd.com 


Siemens  software  protects  WLANs 
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TOLLY  OH  TECHNOLOGY 
Kevin  Tolly 


“Now  this  is  not  the  end.  It  is 
not  even  the  beginning  of  the 
end.  But  it  is,  perhaps,  the  end  of 
the  beginning." 

—  Winston  Churchill, 

November  1942. 

OK,  I’ll  grant  that  I’m  probably 
overreacting,  but  this  quote  came 
to  mind  as  I  witnessed  the  exces¬ 
sive  (even  for  a  Mac  fan)  media 
coverage  that  followed  the  recent 
announcement  of  Apple’s  Boot 
Camp. 


Apple's  Boot  Camp:  A  step  backward 


After  Microsoft’s  two-decade 
stranglehold  on  the  desktop  and 
server  computing  market,  this  ini¬ 
tiative  seems  likely  to  pry  some 
people  loose  from  the  company’s 
grip  and  maybe  start  a  trend. 
(More  than  one  writer  has  al¬ 
ready  described  it  in  terms  of  war 
—  Apple’s  Trojan  horse.) 

Think  about  it:  Apple  an¬ 
nounces  a  dual-boot  utility, and  it 
makes  the  homepage  of  Fox 
news.com,  the  front  page  of  The 
New  York  Times,  the  cover  page 
of  The  Wall  Street  Journal's  tech¬ 
nology  section  and  its  own  seg¬ 
ment  on  CNN’s  morning  show.  All 
this  for  a  boot  utility. 

The  significance  of  what  this 
enables  is  what  the  fuss  is  all 
about  —  except  that,  in  one  way 
at  least,  it  is  a  step  backward. 

With  Boot  Camp,  a  user  can  cre¬ 


ate  a  separate  partition  on  an 
Intel-based  Apple  computer  and 
boot  Windows  running  native  — 
and  alone  —  on  the  Apple  hard¬ 
ware  just  as  he  would  on  an  exist¬ 
ing  Dell  or  HP  machine. 

To  the  world  at  large,  this  was 
momentous  because  it  would 
provide  a  migration  path  and  a 
safety  net  for  users  who  wanted 
to  move  to  Mac  but  needed  a 
way  to  get  back  to  Windows 
should  the  need  arise. 

As  I’ve  written  previously  (see 
www.nwdocfinder.com/3036),  I 
was  in  that  category  a  year  ago 
when  I  made  the  switch.  The 
answer  then  was  to  install  Micro¬ 
soft’s  Virtual  PC  for  Mac  software 
and  boot  up  Windows  under 
Apple  OS  X. 

While  it  was  a  bit  complicated, 
it  did  have  the  benefit  of  being 


able  to  run  at  the  same  time  as 
OS  X.  With  Boot  Camp,  one  sys¬ 
tem  has  to  be  shut  down  to  bring 
up  the  other.  This  is  not  very 
desirable,  because  you  lose  track 
of  whatever  files  and  windows 
were  open. 

Boot  Camp  is  likely  to  be  a 
safety  blanket  more  than  any¬ 
thing  else.  When  I  moved  to  Mac 
I  loaded  Virtual  PC  on  Day  1  to 
make  sure  that  I  would  be  able 
to  deal  with  any  forced  Micro¬ 
soft  issues.  As  it  turns  out  I 
haven’t  booted  it  up  in  months.  I 
think  many  users  won’t  find  the 
need  to  boot  up  Windows. 

On  the  few  occasions  when  I 
have  no  recourse  but  to  use 
Windows-only  software  —  usually 
a  Microsoft  Access  requirement 
—  I  use  Citrix  to  provide  the 
Windows  environment  for  me. 


With  broadband  at  home  and 
even  in  the  airports,  the  user  ex¬ 
perience  is  certainly  adequate. 

And  did  I  mention  that  Boot 
Camp  is  unsupported  by  Apple? 
Microsoft  hasn’t  decided 
whether  or  not  it  will  offer  sup¬ 
port  for  Windows  running  on 
Apple  hardware. 

Ten  years  ago,  Steve  Jobs  was 
quoted  in  Wired  magazine:  “The 
desktop  computer  industry  is 
dead.  Innovation  has  virtually 
ceased. .  .  .  The  desktop  market 
has  entered  the  dark  ages,  and 
it’s  going  to  be  in  the  dark  ages 
for  the  next  10  years.”Time’s  up. 

Tolly  is  president  of  The  Tolly 
Group,  a  strategic  consulting  and 
independent  testing  company  in 
Boca  Raton,  Fla.  He  can  be 
reached  at  ktoHy@tolly.com. 


Racketeer  bolsters  WAN  acceleration  appliances 


Packed  packets 

Racketeer’s  new  PacketShaper  software  compresses  the  headers  of  real-time 
packets  and  bundles  them  into  single  larger  packets  so  they  cross  a  WAN  wire 
more  efficiently. 

D  PacketShaper  compresses  the  Real- 
time  Protocol  (RTP),  User  Datagram 
Protocol  (UDP)  and  IP  headers  for 
an  already  compressed  VoIP  payload. 

B  The  fully  compressed  packet  is  made 
part  of  the  payload  of  a  super-packet 
in  a  compression  tunnel  between  two 
PacketShaper  devices. 


BY  TIM  GREENE 

Packeteer  is  blending  the  functions  of 
two  of  its  WAN-acceleration  devices  into 
a  single  box,  making  it  possible  for  users 
to  address  network  problems  that  may  be 
slowing  site-to-site  performance  without 
adding  new  hardware. 

The  company  is  upgrading  software  for  its 
PacketShaper  WAN  optimization  platforms 
so  customers  can  buy  TCP  acceleration 
and  Web  acceleration  as  software  options. 
These  features  had  been  available  only 
through  a  separate  Packeteer  device  called 
SkyX  Accelerator. 

When  customers  buy  new  Packet¬ 
Shaper  software  or  upgrade  to  Version 
8.0,  they  will  have  the  option  to  buy  a 


ForcelO 

continued  from  page  19 

uct  line.TopLayer,  ISS  and  eEye. 

The  launch  of  Force  10’s  security  box 
also  comes  amid  rumors  that  the  vendor 
is  on  the  verge  of  filing  for  an  initial  pub¬ 
lic  offering.  ForcelO  would  not  comment 
on  any  IPO  plans,  but  observers  say  the 
company  last  year  started  putting  lan¬ 
guage  “regarding  forward-looking  state¬ 
ments”  at  the  beginning  of  its  press  and 
analyst  product  presentation  materials  — 
language  usually  used  by  publicly  traded 
companies. 

ForcelO,  which  was  founded  in  1999, 
has  since  received  more  than  $300  mil¬ 
lion  in  funding,  and  claims  to  have  more 
than  225  customers  and  350  employees.* 


license  to  turn  on  the  TCP  and  HTTP 
acceleration,  known  as  Xpress  TCP  and 
Xpress  HTTP 

PacketShaper  devices  are  deployed  at 
both  ends  of  WAN  links  and  use  a  variety  of 
techniques  to  move  data  across  the  con¬ 
nections  more  efficiently  to  reduce  conges¬ 
tion  and  improve  application  response 
times.  Packeteer  competes  against  other 
WAN  acceleration  vendors,  including  F5 
Networks,  Juniper,  Orbital  Data  and 
Riverbed. 

Each  uses  a  mix  of  technologies  such  as 
QoS,  compression,  caching  and  protocol 
optimization,  to  speed  traffic  across  WANs 
without  having  to  buy  more  bandwidth, 
says  Mattias  Machowinski,  an  analyst  with 
Infonetics.  “They  all  do  slightly  different 
things,”  he  says. 

Xpress  TCP  software  monitors  conges¬ 
tion  on  WAN  connections  and  lets  TCP 
transmissions  slow  down  when  conges¬ 
tion  warrants  it. The  software  recognizes 
when  the  congestion  clears  and  sends 
acknowledgements  locally  to  ramp  TCP 
back  up  to  full  speed  more  quickly. 

Xpress  HTTP  software  anticipates  what 
content  will  be  requested  next  from  re¬ 
mote  clients  and  precodes  it  so  the 
object  is  ready  to  go  or  already  sent 
when  the  request  comes,  improving  re¬ 
sponse  time  of  Web  applications.This  fea¬ 
ture  also  accelerates  XML  over  TCP 
Packeteer  says. 

WIDE-AREA  NETWORKING 
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These  two  acceleration  features  are 
options,  because  they  are  important 
when  networks  suffer  high  latency  and 
high  packet  loss,  but  are  not  always  nec¬ 
essary,  Packeteer  says. 

Also  new  with  Version  8.0  is  the  ability 
to  monitor  Real-time  Protocol  (RTP)  traf¬ 
fic,  which  includes  voice  and  video,  giv¬ 
ing  businesses  the  ability  to  verify  ser¬ 
vice-level  agreements.  The  software  can 
measure  delay,  packet  loss  and  jitter  as 
they  affect  RTP  traffic,  and  measure  per¬ 
formance  of  real-time  classes  of  MPLS 
service. 

To  help  improve  voice  and  video  quality 
by  making  packets  cross  WAN  pipes 
more  efficiently,  the  new  software  com¬ 
presses  RTRUser  Datagram  Protocol  (UDP) 
and  IP  headers  on  voice  and  video  pack¬ 
ets,  and  packs  them  into  single,  super 
packets  so  it  takes  fewer  bits  to  get  pay¬ 


loads  delivered  (see  graphic). 

PacketShaper  8.0  ships  with  new  devices 
and  is  an  upgrade  for  current  customers 
with  service  contracts.  The  acceleration 
module  that  includes  Xpress  TCP  and 
Xpress  HTML  ranges  from  $250  to  $10,000, 
depending  on  which  model  of  Packet¬ 
Shaper  it  is  licensed  for.  ■ 


nww.com 

2006  Enterprise  All-Star  Award 

Submit  your  entry  in  this  prestigious  award  pro¬ 
gram  before  it's  too  late.  Deadline  for  nominations 
is  May  10.  Go  online  for  more  information  and  a 
nomination  form. 

www.nwdocfinder.com/2436 
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DENSITY  •  AFFORDABILITY  •  PERFORMANCE  •  CONVERGENCE  •  SECURITY 


With  the  performance  you  expect  from 

Foundry,  now  comes  the  price,  flexibility, 
and  density  breakthrough  you’ve  been  waiting  for. 
Foundry’s  integrated  Layer  2/3  switch  delivers  an 
extensive  feature  set,  integrated  PoE,  full  layer  3 
routing  (including  OSPF  and  BGP4)  and  wire 
speed  10  GE  performance  for  Enterprise  and 
Service  Provider  environments. 

Get  Secured.  Get  Converged. 
Get  SuperX. 


FastIrqn  SuperX 

•  Edge  &  Wiring  Closet  Switch 

•  Extensive  QOS  and  Security 
Features 

•  Ease  of  Upgrade  td  POE 

•  lO-GE  Aggregation  and  Core  Switch 

•  Lowest  Price  per  port  than  Other 
1  o-GbE  Modular  Switches 


FastIron  SuperX  with  M2 

•  Enterprise  and  Metro  L3  backbone 
Switch 

•  High-Performance  layer  3  Routing 

•  Up  to  1  Million  routes  and  zo  bgp 
Peers 


High  Density 

•  Up  to  204  Pore  GE-SFP  Mini-GBIC 

•  Up  to  204  Ports  10/100/1000 

•  Up  to  192  Ports  10/100/1000  PoE 

•  Up  to  16  Ports  10-GE 

High  performance 

•  Wire-Speed  Every  Port 

•  Up  to  304  Mpps  Throughput 

•  510-Gbps  Switching  Capacity 

Convergence  Ready 

•  Standards-Based  Power-over-Ethernet 

•  Purpose-Built  for  Data,  Voice  &  Video 

•  Integrated  Wired  &  Wireless  Support 

IRONSHIELD  SECURITY 

•  Wire-Speed  ACLs  &  Rate  Limiting 

•  Secure  Shell,  Secure  Copy,  SNMPv3 

•  DoS  Attack  Protection 

•  802. lx  &  MAC  Authentication 
with  Dynamic  Policy 


\ 

COLLAPSED  BACKBONE  AND  DATA  CENTER 

FASTIRON 

SUPERX 


CLUSTER  COMPUTING 
OR  HIGH  PERFORMANCE 
COMPUTING 


NETWORK  ATTACHED 
STORAGE 


SERVER  FARM 
AGGREGATION 

_ _ _ y 


COLLAPSED  HIGH-SPEED  WIRING  CLOSET 


1  O-GE 

lO/lOO/lDOO  MBPS 


J 


m 

FOUNDRY* * 

NETWORKS 

The  Power  of  Performance ™ 


INTEROP 

LAS  VEGAS  |  APRIL  30-MAY  5,  2006 

Booth  #  1024 


For  more  information  please  call: 
US/CANADA  1  BBS  TURPOLAN, 
INTERNATIONAL  +1  408.586.1700 
OR  VISIT  OUR  WEBSITE  AT 
WWW.FOUNDRYNET.COM/SX 


Foundry  Networks.  Inc.  is  a  leading  provider  of  high-performance  Enterprise  and  Service  Provider  switching,  routing  and  Web  traffic  management  solutions  including  Layer  2/3  LAN  switches.  Layer  3  Backbone  switches, 
Layer  4-7  Web  switches,  wireless  LAN  and  access  points,  access  routers  and  Metro  routers.  ©  2005  Foundry  Networks,  Inc.  All  Rights  Reserved.  All  others  arc  trademarks  of  their  respective  owners. 
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Disaster  recovery  high  on  SAN  user's  list 


BY  DENI  CONNOR 

When  Michael  Amble’s  storage-area  net¬ 
work  is  down,  it  costs  the  financial-services 
firm  he  works  for  $4  million  per  hour. 

Fidelity  National  Financial  in  Jackson¬ 
ville,  Ha.,  which  handles  a  third  of  the  real 
estate  title  insurance  issued  nationwide, put 
in  a  highly  available  SAN  and  disaster- 
recovery  (DR)  system  that  ensures  the  in¬ 
tegrity  and  availability  of  its  business-criti¬ 
cal  data  at  a  cost  of  $25  million. 

“We  believe  that  if  we  have  an  outage 
today  we  could  lose  up  to  two  minutes  of 
data,”  Amble  says. “That  concern  justified 
the  expense  of  putting  the  SAN  in.  Outages 
are  just  disastrous  for  us.”  • 

In  2004,  Amble  set  out  to  replace  an  aging 
EMC  SAN  that  needed  to  be  managed  with 
a  variety  of  software. 

“We  were  working  with  [EMC] ,  and  when 
we  put  this  infrastructure  together  we  were 
looking  to  have  an  infrastructure  available 
that  we  could  manage  and  operate  with 
one  set  of  tools,”  Amble  says.  The  company 
chose  to  centralize  all  its  data  on  a  SAN 
from  Hitachi  Data  Systems. 

“Management  just  kept  saying,  ‘What  if 
[centralization]  doesn’t  work,”’ Amble  says. 
“1  said  we’d  be  out  of  business,  and  they 
said, ‘We  can’t  let  that  happen.’” 

Amble’s  SAN  consists  of  two  Hitachi  Tag- 
maStore  Universal  Storage  Platform 
USP1 100  arrays,  in  Chicago  and  Little  Rock, 
Ark.  Each  attaches  to  external  secondary 
storage,  the  Hitachi  Thunder  9585V 

The  data  on  the  virtualized  TagmaStore/ 
Thunder  arrays  is  replicated  and  mirrored 


Short  Takes 


■  Exabyte  introduced  last  week  a 
tape  library  for  small  and  midsize 
businesses  and  remote  offices.  The 
Magnum  224  is  a  Linear  Tape  Open 
Ultrim  library  that  scales  to  19.2TB  of 
capacity.  Starting  with  4.8-TB  capaci¬ 
ty  and  speeds  of  172G  bytes/hour,  the 
Magnum  224  is  available  with  either  a 
single  LTO-2  half-height  drive  and  an 
empty  slot  for  a  second  LTO-2  drive, 
or  with  a  single  LTO-3  drive.  The 
Magnum  224  LTOTape  Library  is 
available  from  resellers  starting  at 
$4,600. 


Fidelity’s  ‘disasterproof  virtualized  storage  environment 


q  Virtualized  Hitachi  TagmaStore/Thunder 
array  in  Chicago  replicates  data  to  disaster- 
recovery  site  in  Little  Rock. 

B  Data  is  migrated  from  TagmaStore  to 
Thunder  array  based  on  needs  of  business 
for  processing  power,  inexpensive  storage. 

Q  Management  via  Hitachi's  HiCommand 
software  from  Jacksonville,  Fla. 
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over  an  OC-3  link  between  the  two  sites 
synchronously  using  Oracle  DataGuard 
and  Hitachi’s  TrueCopy  replication  soft¬ 
ware.  Amble  and  his  staff  can  manage  the 
information  remotely  using  Hitachi’s 
HiCommand  software. 

“We  have  a  completely  mirrored  sys¬ 
tem,”  Amble  says.“Our  problem  is  that  we 
needed  high  availability  at  our  central  site 
so  we  have  redundancy  there,  with  the 
premise  that  something  truly  catastrophic 
has  to  happen  before  I’m  going  to  move  to 


a  [disaster-recovery]  site,”  Amble  says. 

Tier  1  of  Amble’s  infrastructure  is  the  Tag¬ 
maStore  storage.  Tier  2  consists  of  the 
Thunder  9585Vs.  Tier  3  is  configured  as 
streaming  tape  backups.  Amble  mirrors  stor¬ 
age  from  Tier  1  to  Tier  2  and  then  streams  it 
off  to  tape  through  silos  and  sends  the  tapes 
off  to  his  disaster-recovery  sites. 

When  the  disaster-recovery  site  isn’t  in 
use,  Amble  doesn’t  let  it  sit  dormant. 

“We  utilize  a  huge  amount  of  space  and 
all  the  equipment,”  he  says.“We  test  the  DR 


site  regularly  and  use  it  for  volume  and 
stress  testing.  Because  of  the  way  data  is 
striped  on  our  disks,  we  just  have  to  move  it 
out  of  one  site,  and  when  we  are  finished 
we  move  it  right  back.” 

Amble  says  most  of  the  time  spent  bring¬ 
ing  up  the  DR  site  is  used  to  coordinate  the 
DNS  so  the  network  can  find  it. 

At  the  same  time  as  he  is  replicating  data 
from  Chicago,  tapes  are  being  shipped  to 
Little  Rock.“If  something  should  happen  to 
the  replication,  we  are  just  that  far  away 
from  having  the  most  current  set  of  tapes 
available,”  he  says. 

Using  Hitachi’s  built-in  virtualization 
capability  he  migrates  data  from  array  to 
array  where  it  can  be  put  to  the  best  use. 

Because  as  much  as  85%  of  the  compa¬ 
ny’s  business  is  transacted  in  the  last  five 
days  of  every  month, “we  have  this  system 
that  has  to  be  sized  for  the  volume  of  clos¬ 
ings  in  those  days,”  he  says.“Twenty-five  days 
of  the  month  they  don’t  look  like  they  are 
running  very  hard  at  all, and  then  five  days 
of  the  month  they  are  running  at  120%.” 

Moving  data  is  imperative  for  Amble.  “We 
move  data  from  our  Tier  1  to  Tier  2  pretty 
regularly  to  ensure  we  can  get  the  response 
we  need,”  he  says.“We  use  the  intelligent 
controller  in  the  TagmaStore  to  do  that 
migration.” 

Amble  says  that  with  the  EMC  arrays,  that 
space  was  set  and  the  only  way  he  could 
reallocate  it  was  to  wipe  off  the  disk  and 
rewrite  it.  ■ 


PolyServe  squeezes  SQL  Servers 


BY  JOHN  FONTANA 

To  improve  failover  and  reduce  costs, 
PolyServe  plans  to  release  software  this 
week  designed  to  help  companies  consoli¬ 
date  their  growing  legions  of  SQL  Servers. 

The  company’s  SQL  Server  utility  uses 
FblyServe’s  shared-data  clustering  technol¬ 
ogy  and  lets  users  consolidate  their  SQL 
Server  instances  and  reduce  the  amount  of 
Microsoft  software  they  must  buy  and 
maintain.The  utility  includes  a  dynamic  re¬ 
hosting  feature  that  lets  users  shift  work¬ 
loads  almost  instantly, a  high-availability  ser¬ 
vice  that  allows  an  instance  of  SQL  Server 
to  run  among  a  group  of  servers,  and  a 
maintenance  tool  for  sending  updates  and 
patches  to  multiple  instances. 

While  SQL  Server  has  grown  in  popular¬ 


ity  so  has  the  size  of  deployments  as  users 
build  in  fault  tolerance  by  limiting  in¬ 
stances  of  SQL  Server  to  a  single  server 
and  underusing  that  server’s  capacity  to 
protect  against  traffic  spikes.  Such  a  con¬ 
figuration  can  inflate  licensing  and  main¬ 
tenance  costs. 

“We  now  have  14  active  servers  in  our 
clusters  backed  up  by  two  passive  servers,” 
says  David  Miller,  a  director  for  system  inte¬ 
grator  Avanade  and  leader  of  a  consolida¬ 
tion  project  for  a  large  British  government 
agency,  which  he  asked  not  be  named.  “In 
the  past  we  had  14  active  and  14  passive 
SQL  Servers  in  the  clusters.” 

Miller  says  PolyServe  doesn’t  require  the 
passive  nodes,  but  he  maintains  them  as 
extra  protection.  He  says  the  agency  had 


more  than  1 ,000  SQL  Servers  running  with¬ 
in  the  previous  clustered  environment. 

Miller  says  he  has  reduced  failover  time 
from  five  minutes  to  30  seconds  and 
slashed  by  90%  the  number  of  users  who 
lose  connections  during  a  failover. 

PolyServe  Database  Utility  for  SQL  Server 
is  built  on  the  company’s  Matrix  Server. 
The  server  lets  users  group  a  collection  of 
servers  and  a  collection  of  storage,  and 
provides  a  storage  virtualization  layer  on 
a  cluster  that  lets  any  of  the  servers  read 
and  write  to  any  data  on  the  storage-area 
network. 

The  Database  Utility  for  SQL  Server  is 
priced  at  $25,000  per  server  with  a  typical 
installation  carrying  a  price  tag  of 
$1 00,000.  ■ 
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mgmL  gets  serious 


Short  Takes 


■  E-mail  security  vendor  AppRiver 
last  week  launched  a  Microsoft 
Exchange  2003  hosting  service 
that  includes  AppRiver's  Web-based 
Shoreline  control  panel  for  setup 
and  management,  and  SecureTide 
spam  and  virus  protection.  Shoreline 
also  is  the  interface  to  administra¬ 
tive  controls  for  adding  users,  stor¬ 
age  quotas,  distribution  groups, 
e-mail  routing,  domain  aliases,  for¬ 
warding,  passwords,  client  configu¬ 
ration  and  other  functions.  An  Out¬ 
look  client-configuration  wizard 
moves  users  from  their  previous 
e-mail  environment  to  AppRiver's 
hosted  platform.  The  company  is 
targeting  corporate,  government 
and  educational  customers.  The 
hosted  Exchange  service  is  priced  at 
$12.95  per  user,  per  month. 

■  Business  Objects  jumped  into 
the  world  of  subscription-based,  on- 
demand  software  last  week,  an¬ 
nouncing  an  online  version  of  its 

Crystal  Reports  service,  which 
lets  customers  share  business  infor¬ 
mation  over  the  Web.  The  service  is 
aimed  at  small  and  midsize  busi¬ 
nesses,  which  will  be  able  to  broad¬ 
en  their  use  of  Crystal  Reports  with¬ 
out  buying  extra  software  licenses 
or  assigning  additional  IT  staff  to 
maintain  it,  Business  Objects  says. 
Called  Crystalreports.com,  the  ser¬ 
vice  lets  employees  create  Crystal 
Reports  documents,  upload  them  to 
the  Web  and  create  a  list  of  employ¬ 
ees,  customers  and  partners  autho¬ 
rized  to  access  them.  Authorized 
users  then  log  on  to  Crystalre 
ports.com  to  view  the  documents. 
Until  now,  many  companies  have 
shared  Crystal  Reports  by  sending 
them  as  e-mail  attachments  or  hard 
copies,  which  takes  more  time,  is 
less  secure  and  can  lead  to  conflict¬ 
ing  data,  Business  Objects  said.  The 
service  is  offered  in  two  versions:  a 
free,  basic  service  and  a  premium 
service,  paid  by  monthly  subscrip¬ 
tion.  Both  services  will  be  offered 
globally  in  the  second  half  of  this 
year.  Pricing  has  not  been 
announced. 


IP  address 

BY  DENISE  DUBIE 

When  the  Atlanta  Journal-Constitution 
needed  to  share  stories,  photos  and  other 
editorial  content  with  15  sister  publications 
in  the  Cox  Newspaper  family  network  engi¬ 
neer  Layne  Meier  didn’t  look  into  updated 
WAN  technologies,  but  worked  with  the 
other  Cox  Newspaper  papers  to  make  sure 
all  were  integrated  into  an  existing  IPad- 
dress  management  system. 

“Cox  Newspapers  has  a  WAN  wherein  all 
newspapers  within  the  organization  can 


BY  JOHN  FONTANA 

Mimosa  Systems  released  last  week  soft¬ 
ware  that  lets  users  archive  all  their  Ex¬ 
change  5.5  e-mail  data  and  start  fresh  with 
new  mailboxes  on  a  more  recent  version  of 
Microsoft’s  e-mail  server. 

With  an  upgrade  to  NearPoint  for  Micro¬ 
soft  Exchange  Server,  Mimosa  has  added 
Exchange  5.5  migration  capabilities.  The 
software  lets  users  move  e-mail,  attach¬ 
ments,  calendar  contacts  and  other  data  to 
the  NearFbint  archiving  system.  Users  are 
left  with  empty  Exchange  mailboxes,  which 
are  more  easily  migrated  to  a  new  version 
of  Exchange,  most  likely  Exchange  2003. 
Users  start  with  a  blank  in-box  but  have  full 
access  to  their  Exchange  5.5  data  via  the 
NearFbint  server. 

Exchange  5.5  reached  its  end  of  life 
three  months  ago  after  numerous  exten¬ 
sions.  Nearly  15%  of  all  Exchange  users, 
however,  are  still  running  Version  5.5, 
which  first  shipped  in  February  1998. 
Since  then,  Exchange  2000  and  2003  have 
been  released,  and  Exchange  12  is  due 
next  year. 

“One  of  the  reasons  some  users  are  still 
on  5.5  is  because  they  have  very  complex 
environments,  and  it  is  difficult  to  move  in 
the  traditional  way  of  migrating  mailboxes 
and  upgrading  to  Active  Directory”  says 
Masha  Khmartseva,  a  senior  analyst  with 
the  Radicati  Group.  She  says  users  don’t 
have  a  choice  in  Active  Directory  migra¬ 
tions,  but  Mimosa  is  now  offering  an  alter¬ 
native  to  moving  mailboxes  stuffed  with 
data  since  1998. 

“Moving  this  data  is  very  complicated;  it 


share  stories  and  photos  with  each  other,” 
Meier  says.“We  had  an  instance  where  Cox 
Corporate  had  upgraded  its  DNS  servers  to 
[Berkeley  Internet  Name  Domain  8],  and 
several  papers  were  still  running  BIND  4  or 
Novell  Netware  BIND  that  was  incompati¬ 
ble  with  the  newer  features  found  in  BIND 
8, so  some  sites  couldn’t  access  the  content 
without  a  lot  of  hassle  and  delay,  which  just 
doesn’t  fly  in  the  newspaper  business.” 

By  installing  Metalnfo’s  IP  address-man¬ 
agement  software  on  one  server  and  using 


takes  a  lot  of  time  and  a  lot  of  manpower. 
For  some  companies  it  takes  months  for 
them  to  do  that  correctly’  Khmartseva  says. 
NearPoint  presents  an  option  that  could  be 
cheaper,  faster,  more  efficient  and  more 
secure,  she  says.  “Right  now  any  company 
can  benefit  from  archiving,  and  the  faster 
they  do  it  the  better,”  she  says. 

Mimosa  officials  say  the  Exchange  5.5 
capabilities  mean  users  now  migrate  in 
days  rather  than  weeks  or  months.  Near- 
Fbint’s  Version  5.5  migration  capabilities, 
which  don’t  require  installing  software  on 
the  Exchange  Server  or  the  Outlook  client, 
include  tools  to  verify  that  all  Exchange  5.5 
data  was  saved  to  the  archive  before  clear¬ 
ing  out  user  mailboxes. 

Once  the  mailboxes  are  transferred  to  the 
new  Exchange  platform,  users  see  a  Folder 
Homepage  as  part  of  their  folder  tree  in 
Outlook.The  archive  of  the  Version  5.5  data 
is  displayed  as  a  Web  page  to  eliminate  the 
need  to  install  any  Mimosa  software  on  the 
desktop. 

Administrators  fine-tune  the  rights  that 
dictate  what  Version  5.5  information  users 
replicate,  down  to  their  new  in-boxes.  It  in¬ 
cludes  controls  that  will  keep  attach¬ 
ments  in  the  archive  while  letting  the  e- 
mail  text  be  replicated  to  the  Outlook  in¬ 
box.  Mimosa  allows  for  a  desktop  cache, 
which  supports  offline  access  to  those 
attachments. 

NearPoint  is  similar  to  XOsoft’s  Enter¬ 
prise  Rewinder  software  for  Microsoft 
Exchange, SQL  Server  and  Oracle.  Pricing 
for  NearPoint  starts  at  $10,000  for  100 
users.  ■ 


another  server  for  DNS  and  DHCP  soft¬ 
ware,  he  says  he  not  only  better  secured 
remote  locations  but  also  made  it  possible 
for  multiple  sites  to  share  content  more 
easily.  While  local  administrators  manage 
the  DNS  and  DHCP  servers,  staffers  at 
other  sites  can  pluck  content  from  them, 
because  the  systems  now  align  and  the  IP 
addresses  sync  up.  And  Meier  gets  the 
50,000-foot  view  of  all  the  locations  via  his 
Metainfo  interface. 

“Every  device  needs  an  IP  address  in 
order  to  communicate,  and  you  have  to 
manage  those  efficiently  to  keep  network 
services  available,”  he  says. 

In  fact,  IP  address  management  —  long 
an  IT  task  pushed  to  the  back  burner  and 
typically  performed  disparately  with  free 
tools  —  is  getting  more  attention  at  compa¬ 
nies  looking  to  better  secure  and  manage 
their  networks.  For  instance,  DNS  is  the  net¬ 
work  function  that  translates  domain 
names  such  as  www.networkworld.com 
into  an  IP  address  like  65.214.57. 165.  If  DNS 
doesn’t  work  properly,  a  user  won’t  gain 
access  to  the  Web  site,  and  that  would  be¬ 
come  a  perceived  network  failure. 

Vendors  such  as  Blue  Cat  Networks, 
Cisco,  eTelemetry,  Infoblox,  INS,  Lucent, 
Metainfo  and  Nortel  offer  products  that 
promise  to  help  customers  maintain  an 
inventory  of  the  IP  addresses  in  their  net- 
work,  virtual  LANs  (VLAN)  and  more. 
Using  software  installed  on  a  server  or 
bundled  on  an  appliance,  IP  address-man¬ 
agement  products  are  designed  to  keep  an 
up-to-date  inventory  of  network  addresses 
'  in  use. 

Some  products  simply  serve  as  a  reposi¬ 
tory  for  data  that  must  be  updated  manu¬ 
ally  by  network  engineers,  while  other 
products  are  said  to  dynamically  discover 
new  devices,  collect  IP  address  informa¬ 
tion  from  them  and  make  sure  there  is  no 
duplication. 

Products  today  also  typically  use  BIND  9, 
a  more  secure  version  of  the  protocol  that 
includes  features  to  prevent  security  issues, 
such  as  DNS  cache  poisoning  or  viruses, 
from  bringing  down  enterprise  DNS  and 
DHCP  servers. 

“It’s  an  absolutely  scary  proposition  that 
many  folks  in  IT  that  would  never  think  of 
using  Microsoft  Access  [software  for  data 
sharing  and  collaboration  included  with 
the  company’s  office  suite  of  applications] 
as  an  enterprise  database  are  using  the  ver- 
See  IP  address,  page  25 


Mimosa  looks  to  ease 
Exchange  upgrades 
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Will  there  ever  be  a  corporate  Apple? 


NET  INSIDER 

Scott  Bradner 


As  regular  readers  know,  I’m  a 
fan  of  Apple  computers  and  use 
them  at  home,  on  the  road  and  at 
work.  As  anyone  in  the  corporate 
world  knows,  I’m  at  best  one  of 
those  exceptions  that  prove  the 
rule  that  Microsoft  owns  the  cor¬ 
porate  desktop. 

Since  Apple’s  announcement 
that  it  was  adopting  Intel  proces¬ 
sors,  there  has  been  a  growing 
buzz  among  some  pundits  that 
Apple  might  be  on  the  cusp  of  a 
major  increase  in  its  penetration 
of  the  corporate  world.  This  buzz 
increased  dramatically  in  volume 
with  Apple’s  announcement  of  a 


supported  way  to  boot  Windows 
on  its  Intel-based  computers.  But 
does  this  buzz  make  any  sense? 

I’ve  been  using  Macintosh  com¬ 
puters  since  about  three  months 
before  they  were  announced  in 
the  famous  1984  Super  Bowl  com¬ 
mercial  (www.nwdocfinder.com/ 
3028),  which  has  been  credited 
with  making  the  Super  Bowl  show 
something  that  even  non-football 
fans  want  to  watch.  I  got  an  early 
machine,  because  I  was  one  of  the 
Harvard  representatives  to  the 
Apple  University  Consortium.  For 
most  of  the  next  decade  Apple 
had  a  significant  presence  in  the 
corporate  world  but,  because  of 
many  significant  missteps  by 
Apple  coupled  with  almost-per- 
fect  execution  by  Microsoft  (until 
the  courts  got  in  the  way),  that 
presence  has  shrunk  to  almost 
nothing. 

Although  I’ve  been  seeing  a  lot 
more  Apple  laptops  on  airplanes 


and  at  meetings  —  they  are  easy 
to  spot  with  their  luminous  Apple 
logo  —  the  percentages  are  still 
small.  I  expect  to  see  a  lot  more 
glowing  Apples,  assuming  the 
London  court  does  not  tell  the 
company  its  logo  —  a  monochro¬ 
matic  apple  with  a  bite  out  of  it  — 
is  too  similar  to  that  of  Apple 
Corps  and  forces  a  change. 

Now,  however,  1  will  not  be  able 
to  tell  if  the  user  is  running  an 
Apple  operating  system  or  Win¬ 
dows.  Apple’s  Boot  Camp  (www. 
nwdocfinder.com/3029)  allows 
an  Intel-based  Apple  computer  to 
run  Windows  natively  and  just  as 
fast  as  a  machine  designed  with 
only  Windows  in  mind.  This  is  a 
good  move  by  Apple,  but  not  the 
best  move  it  could  have  made. 
Boot  Camp  means  that  a  corpo¬ 
rate  user  could  buy  the  Apple 
hardware  that  many  people  con¬ 
sider  some  of  the  best  in  the  in¬ 
dustry  yet  run  the  corporate 


Windows-standard  environment. 
But  the  Apple  OS  X  environment 
will  always  be  just  a  reboot  away 
and  thus  easy  to  try  out. 

I’d  rather  virtualize  than  reboot. 
I’ve  been  using  Virtual  PC  (www. 
nwdocfinder.com/3030)  when  I 
need  to  run  a  program  that 
works  only  on  Windows.  It  cre¬ 
ates  a  window  in  which  Win¬ 
dows  runs,  and  files  can  be 
copied  back  and  forth.Virtual  PC 
is  quite  slow,  because  it  emulates 
the  x86  processor;  the  same 
function  on  an  Intel-based  Apple 
computer  should  run  at  full 
speed.  Other  companies  have 
announced  virtualization  soft¬ 
ware  for  the  Apple  machines, 
including  Parallels  (www.paral 
lels.com)  and  EMC’s  VMware 
(www.vmware.com). 

The  ideal,  but  not  easy,  solution 
is  to  work  as  Apple  Classic  does: 
let  individual  applications  run 
transparently  in  a  local  Windows 


environment  if  there  is  no  Mac 
version  with  OS  X  starting  up  a 
virtual  Windows  environment 
when  the  user  clicks  on  the  appli¬ 
cation.  With  this  support  of  the 
corporate  Windows  standard, 
companies  could  let  users 
choose  Macs.  But  do  not  hold 
your  breath.  Far  too  many  corpo¬ 
rate  IT  groups  are  focused  on 
doing  their  job  efficiently,  not 
making  things  good  for  their 
users.Thus,l’m  resigned  to  seeing 
Apple  as  an  also-ran  in  the  cor¬ 
porate  world. 

Disclaimer:  Harvard  is  one  of 
those  corporations  where  Apples 
are  run  by  exception  rather  than 
rule,  but  the  above  prediction  was 
not  checked  with  the  Harvard  IT 
folks,  so  it  is  mine  alone. 

Bradner  is  a  consultant  with 
Harvard  University's  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com. 


IP  address 

continued  from  page  23 

sion  of  DNS  and  DHCP  that  came  free  with 
Windows,”  says  Daniel  Golding,  a  senior 
analyst  with  the  Burton  Group. 

“That  is  not  a  slap  at  Microsoft,  but  the 
company  designed  the  free  software  for 
small  businesses,  so  it  doesn’t  have  the 
security  and  scalability  features  enterprise 
IT  shops  need  when  managing  thousands 
of  IP  addresses,”  he  says. 

Golding  says  security  incidents,  availabil¬ 
ity  problems  or  time-consuming  manual 
processes  have  many  customers  looking 
for  an  easier  way  to  manage  their  blocks  of 
IP  addresses.  Going  forward,  vendors  plan 
to  roll  out  appliances  that  can  handle  more 
IP  addresses  across  multiple  platforms  and 
operating  systems, and  building  their  wares 
to  more  quickly  associate  an  IP  address 
with  a  user.  For  instance,  instead  of  getting  a 
report  saying  a  certain  address  is  assigned 
to  a  device,  technology  from  eTelemetry 
can  report  an  IP  address  as  John  Doe’s 
workstation  or  the  edge  router  at  a  redun¬ 
dant  data  center. 

“People  are  waking  up  and  noticing 
their  legacy  systems  are  antiquated  and 
just  not  keeping  up  with  the  allocation  of 
new  addresses,”  Golding  says.  “Now  they 
want  low-cost  and  low-maintenance  prod¬ 
ucts  to  get  a  handle  on  IP  addresses.” 

In  Meier’s  case,  he  started  using  Metainfo 
in  1999,  when  Macintosh  computers  made 
it  difficult  for  his  staff  to  manage  about  half 
of  its  2,000  IP  addresses  with  automated 
processes.  The  free  software  Microsoft  pro¬ 
vided  with  PCs  didn’t  support  the  Apple 


Mastering  numerology 

IP  address  management  is  more  than  just  tracking  a  block  of  numbers. 

Here  are  a  few  challenges  network  managers  face  and  how  to  address  them. 


Challenge: 

Strategy: 

Blocks  of  IP  addresses  often  don't  reflect  how  a 
network  is  designed.  For  instance,  IP  addresses 
are  hierarchical  -  meaning  they  are  classified 
according  to  various  criteria  into  successive  levels 
or  layers  -  but  don’t  necessarily  follow  the  way 
a  corporate  network  is  put  together,  as  blocks  of 
addresses  could  be  assigned  out  of  order. 

IP  address-management  software  needs  to  be  able  to 
be  integrated  with  other  management  systems  and  be 
able  to  share  knowledge  with  other  systems 
automatically,  so  IT  managers  can  relate  devices  to 
groups  of  users  or  applications. 

Early  versions  of  Berkeley  Internet  Name  Domain 
(BIND)  -  which  includes  the  standard  APIs  for 
translation  between  domain  names  and  Internet 
addresses  and  is  intended  to  be  linked  with 
applications  requiring  name  service  -  are  not 
considered  secure,  robust  or  scalable. 

BIND  Version  9  is  a  major  rewrite  of  the  BIND 
architecture  and  includes  support  for  DNS  Security 
Extensions,  which  helps  prevent  security  threats,  such 
as  cache  poisoning;  and  IPv6,  which  can  handle  a  lot 
more  IP  addresses.  Customers  should  consider  only 
products  with  BIND  9  support  built  in. 

Usually  maintaining  several  management  tools, 
customers  are  looking  for  a  quicker,  easier  way 
to  get  a  handle  on  their  IP  addresses  and  automate 
some  of  the  tasks  associated  with  their  DNS  and 
DHCP  servers. 

IP  address-management  vendors  such  as  Blue  Cat 
Networks,  eTelemetry,  InfoBlox,  INS,  Lucent  and  Metainfo 
package  their  software  onto  easy-to-install  appliances 
that  don't  require  network  groups  to  use  a  server  to 
host  the  IP  address-management  software  or  a 
database  to  maintain  with  the  address  inventory. 

operating  system,  which  remains  popular 
among  artists  and  designers,  and  continues 
to  be  used  in  many  publications. 

“Our  Macs  became  an  administrative 
nightmare,  because  we  had  to  manually 
manage  those  addresses,  while  the  PCs  on 
the  business  side  we  could  do  automati¬ 
cally  Meier  explains.“If  you  can’t  track  that 
information  automatically,  you  are  lost  in 
terms  of  how  many  addresses  you  actually 
have,  what  devices  are  on  your  network  and 
what  the  users  are  doing  with  the  devices 


—  like  going  to  inappropriate  Web  sites.” 

VoIP  led  Bruce  Bartolf.CTO  at  architectur¬ 
al  firm  Gensler  in  San  Francisco,  to  begin 
the  process  of  rolling  out  more  than  30 
lnfoblox-1200  appliances  to  distributed 
offices.  Bartolf  says  he  opted  for  IP  address- 
management  appliances  to  let  his  network 
handle  DHCP  and  Trivial  File  Transfer  Pro¬ 
tocol  (TFTP)  in  an  efficient  manner  — 
without  adding  Windows  servers  at  each 
location.  In  Bartolf  s  Avaya  voice  rollout, the 
IP  phones  need  to  identify  themselves  with 


the  DHCP  server  as  well  as  the  call  man¬ 
ager  server,  which  is  where  TFTP  comes 
into  play.  Many  VoIP  phones  use  TFTP  to 
download  configuration  files. 

“We  already  have  a  bunch  of  Windows 
servers  out  there,  but  I  wanted  to  keep  my 
telephony  network  as  separate  as  possible 
across  the  WAN,”  he  says.“lnfoBlox  appli¬ 
ances  offer  a  simpler  option.” 

With  about  4,000  IP  addresses  now  — 
and  expectations  that  the  number  will  at 
least  double  when  the  IP  phones  are  in 
place  —  Bartolf  says  IP  address-manage¬ 
ment  tools  will  speed  the  DHCP  service 
deployment  to  all  locations. 

“Considering  the  many  remote  loca¬ 
tions,  I  didn’t  want  to  have  to  open  up 
ports  so  the  IP  phones  could  TFTP  to  call 
managers.  1  wanted  to  take  that  out  of  the 
hands  of  the  sites  without  remote  admin¬ 
istrators,”  Bartolf  says. 

Trade  Lang,  network  engineer  in  the  Tele¬ 
com  Technical  Support/EFTS  group  at  Rohm 
and  Haas,  says  the  specialty  chemical  com¬ 
pany  in  Philadelphia  outgrew  the  software  it 
had  and  wanted  to  take  the  appliance 
route.  She  began  working  with  INS’  IPCon- 
trol  product  about  nine  months  ago  to  get 
some  30,000  addresses  under  control.  Using 
an  appliance  over  software,  she  says,  en¬ 
ables  her  to  train  many  IT  staffers  to  manage 
their  own  parts  of  the  network,  while  also 
keeping  high-level  tabs  on  IP  addresses. 

“DNS  is  integral  to  every  midsize  or  large 
network;  many  products  simply  won’t  func¬ 
tion  without  it,”  Lang  says  “For  networks,  DNS 
is  a  service  like  electricity  and  the  lights.  It 
has  to  be  there  and  it  has  to  work,  and  no 
issues  crop  up  if  it  is  managed  properly’  ■ 


26  •  www.networkworld.com  •  4.17.06 


MANAGEMENT 

INVESTMENTS 


Investors  seek  network  mgmt.  innovation 


Money  in  management 

Among  the  network-management  start-ups  that  received  second  rounds  of 
funding: 


Company 

Product/description 

Latest  funding 

Cittio 

WatchTower  -  enterprise  monitoring 
and  management  software. 

March  2006  -  $8  million  from  JK&B 
Capital,  Hummer  Winblad  Venture  Partners. 

Groundwork 
Open  Source 
Solutions 

Groundwork  Monitor  Professional  —  IT 
monitoring  tool  based  on  open  source 
software. 

March  2005  -  S8.5  million  from  Mayfield, 
Canaan  Partners. 

LogLogic 

LogLogic  3  -  appliance  that  aggregates 
and  stores  log  data. 

September  2004  -  S13  million  from 
Sequoia  Capital,  Telesoft  Partners  and 
Worldview  Technology  Partners. 

Splunk 

Splunk  -  downloadable  software  to 
search  logs  generated  by  hardware  and 
software. 

January  2006  —  $10  million  from  JK&B 
Capital. 

SOURCE:  COMPANIES 


BY  CARA  GARRETSON 

Start-up  companies  looking  to  challenge 
the  dominance  enjoyed  by  expensive,  com¬ 
plex  network  management  suites  are 
attracting  second  and  third  rounds  of  fund¬ 
ing  from  venture  capitalists  eager  to  get  in 
on  the  next  big  thing. 

In  particular,  investors  are  putting  money 
into  companies  with  network-monitoring 
and  -troubleshooting  products  that  are 
attracting  customers  who  want  to  care  for 
their  networks  without  the  cost  and  dedi¬ 
cated  staff  demanded  by  CAs  Unicenter, 
IBM’s  Tivoli  and  HP’s  OpenView  —  typical¬ 
ly  considered  the  leading  products  in  this 
market. 

Start-ups  Cittio,  Splunk  and  Groundwork 
Open  Source  Solutions  have  received  a 
combined  $35  million  in  the  past  13 
months,  and  a  fourth  company  called  Log- 
Logic  says  it  will  soon  announce  a  third 
round  of  investment,  following  the  $13  mil¬ 
lion  it  received  in  September  2004  (see 
graphic).  Attracting  investors  to  companies 
such  as  these  is  the  promise  of  a  new  gen¬ 
eration  of  network  management  tools  that 
may  be  innovative  and  nimble  enough  to 
eventually  supplant  the  incumbents. 

Importance  of  solid  net  management 

Broadly  defined,  network  management  is 
a  $3.5  billion  market,  says  Benjamin  Nye, 
managing  director  of  venture  capital  with 
Bain  Capital  in  Boston.  As  networks 
become  more  distributed  physically  and 
populated  with  devices,  network  manage¬ 
ment  is  more  important  than  ever,  he  says. 

“Think  about  the  distributed  organization 
today;  it’s  the  norm,  not  the  exception,”  Nye 
says. “Whether  you’re  big  or  small,  if  you’re 
running  a  mission-critical  network,  look  at 
how  many  different  devices  are  resident  on 
the  network _ There’s  much  more  depen¬ 

dency  that  rides  on  that  network.” 

In  February  2005,  Bain  invested  $12  mil¬ 
lion  in  Network  Intelligence,  which  sells 
software  that  monitors  and  reports  on  net¬ 
work  events  for  security  and  compliance 
purposes. 

Managing  the  increased  complexity  in 
the  network  calls  for  a  new  breed  of  sim¬ 
pler,  sleeker  tools,  some  investors  say 

Despite  his  extensive  background  in  net¬ 
work  management,  Marc  Sokol,  CAs  former 
vice  president  of  marketing  and  now  a  part¬ 
ner  at  venture  capital  firm  JK&B  Capital  in 
Chicago,  waited  six  years  before  investing 
in  a  network-monitoring  start-up. 

“It’s  because  the  big  guys  —  Unicenter, 


Tivoli  and  OpenView  —  commanded  such 
market  control,”  he  says.“But  today  there’s  a 
large  market  of  customers  that  for  lots  of 
different  reasons  consider  the  Big  Three  not 
to  be  options  —  either  the  license  fee 
priced  them  out  of  the  market,  or  the  cost  of 
implementation  or  the  customer  just  didn’t 
need  all  those  features.” 

At  the  end  of  March,  JK&B  invested  $8  mil¬ 
lion  in  Cittio,  maker  of  network-monitoring 
and  -operations  software  called  Watch- 
Tower.  In  January  the  firm  invested  $10  mil¬ 
lion  in  Splunk,  which  creates  a  search 
engine  that  helps  troubleshoot  systems  by 
navigating  through  the  logs  they  create. 
Sokol  has  taken  a  seat  on  the  board  of 
directors  of  both  companies. 

Cittio  breaks  out  of  the  traditional  net¬ 
work  management  mold  by  offering  a  criti¬ 
cal  management  function,  monitoring, 
that’s  relatively  inexpensive  and  easily  inte¬ 
grates  with  third-party  products,  Sokol  says. 

“I  think  there’s  now  a  need  for  disintegra¬ 
tion  among  [network  management  com¬ 
ponents]  ,”  Sokol  says.  “Because  of  new  ser¬ 
vice-oriented  architectures  and  the 
[Asynchronous  JavaScript  +  XML]  user 
interface,  you  can  get  the  benefits  of  inte¬ 
gration  without  having  to  sell  an  all-in-one 
product.” 

A  streamlined  approach 

While  Cittio  and  other  companies  offer 
more  streamlined  approaches  to  network 
monitoring,  enterprises  are  usually  hesitant 
to  bet  on  products  from  start-ups,  especial¬ 
ly  for  a  task  as  crucial  as  keeping  the  net¬ 
work  running. 

“That’s  always  going  to  be  the  challenge” 
for  start-ups,  says  James  Governor,  principal 
analyst  with  RedMonk.  To  get  around  this 
hurdle, start-ups  need  to  partner  with  bigger 
vendors  that  can  introduce  them  to  cus¬ 
tomers  and,  to  some  extent, vouch  for  them. 
Or,  as  in  Cittio’s  case,  they  need  to  focus  on 
one  aspect  of  a  larger  market. 

“Cittio  has  very  explicitly  stated  they  don’t 
offer  all  the  functions  that  larger  vendors 
offer,  but  they’re  trying  to  define  a  sweet 
spot,”  Governor  says. 

Some  organizations  are  willing  to  take 
their  chances  with  products  from  start-ups 
to  get  the  features  they  need  at  an  afford¬ 
able  price. 

The  National  Parks  Conservation  Asso¬ 
ciation  chose  Cittio’s  WatchTower  network¬ 
monitoring  tool  so  the  IT  department  can 
find  trouble  spots  on  the  network,  says 
Caterina  Luppi,the  nonprofit  organization’s 


IT  director. 

“We  didn’t  have  anything  before,  and  that 
created  a  number  of  problems,”  Luppi  says. 
“The  users  were  being  our  alarm  system;  we 
were  finding  out  something  wasn’t  work¬ 
ing,  because  there  was  a  user  complaining.” 

The  Washington,  D.C.-based  organization, 
which  has  about  85  users  on  its  network, 
uses  IT  products  from  a  diverse  group  of 
vendors;  Luppi  chose  Cittio’s  WatchTower 
because  it  gives  the  LAN  administrator  a  sin¬ 
gle  point  from  which  to  monitor  them  all. 

Cittio’s  tool  also  is  relatively  inexpensive, 
an  important  consideration  for  a  nonprofit 
group,  she  says.  According  to  company  offi¬ 
cials,  WatchTower  is  priced  at  between  $200 
and  $400  per  node,  depending  on  number 
of  nodes  managed. 

“The  big  network  management  suites 
were  totally  out  of  our  budget,  and  I  don’t 
have  the  manpower  to  use  100%  of  their 
features,”  Luppi  says.  “That  would  be  like 
buying  a  truck  and  using  it  as  a  bike.” 

Other  network-monitoring  and  -trou¬ 
bleshooting  tools  from  relative  newcomers 
also  are  making  inroads. 

Splunk,  which  approaches  network  man¬ 
agement  by  helping  IT  staff  find  the  prover¬ 
bial  needle  in  a  haystack,  says  35,000  peo¬ 
ple  have  downloaded  its  search  engine 
since  it  launched  in  August  2005. The  com¬ 
pany’s  Splunk  Professional  search  software 
filters  through  all  the  logs  and  other  data 
generated  by  IT  systems,  devices  and  appli¬ 
cations  so  problems  can  be  found  and 
fixed  faster,  according  to  the  company  It  is 
priced  at  $2,500  for  an  annual  license. 

LogLogic  also  attempts  to  enhance  net¬ 
work  troubleshooting  by  capturing  logs 


from  all  of  a  corporation’s  hardware  and 
software  in  what  it  calls  a  log-management 
intelligence  platform.  Delivered  as  an  appli¬ 
ance,  LogLogic  lets  customers  analyze, 
store,  generate  reports  on  data  for  compli¬ 
ance  and  risk  mitigation,  company  officials 
say. The  LogLogic  Compliance  Suite  starts  at 
$10,000. 

Log  data  more  relevant 

While  he  doesn’t  see  log  management 
falling  under  the  definition  of  network 
management,  RedMonk’s  Governor  says 
companies  such  as  LogLogic,  Splunk  and 
others  are  making  log  data  more  relevant 
for  network  managers. 

“Network  management  tends  to  be  real 
time;  log  management  is  after  the  fact  —  it’s 
more  about  looking  at  what  happened  and 
analyzing  that,”  Governor  says.  “These  com¬ 
panies  are  making  log  management  more 
of  a  real-time  function, and  then  it  becomes 
more  valuable.  It’s  moving  from  being  a  sub¬ 
set  of  security  management  to  more  of  an 
application-management  function.” 

Another  company,  Groundwork  Open 
Source  Solutions,  is  positioning  its  IT  moni¬ 
toring  tool  as  costing  a  fraction  of  what 
commercial  products  go  for.  Groundwork 
Monitor  Professional,  based  on  open 
source  components,  including  Nagios, 
RRDTool  and  MySQL,  gives  customers  a 
central  point  for  monitoring  applications, 
databases,  servers  and  network  equipment, 
officials  say 

Groundwork  Monitor  Professional  costs 
about  $16,000  for  an  annual  subscription 
and  is  installed  at  “hundreds  of  enterprises,” 
according  to  company  officials.  ■ 
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More  turning  to  telecom  expense  tools 

Concern  about  billing  scams  and  impact  of  mergers  cited  for  heightened  interest. 


More  looking  to  get  biggest  bang  for  telecom  buck 

A  large  percentage  of  customers  are  already  using  a  variety  of  telecom 
expense  management  (TEM)  tools  and  services,  according  to  a  survey  of 
90  enterprise  users. 


TEM  tool 

Invoice  presentation  and  analysis 

Use  now 

67% 

Plan  to  use  within 

12  months 

17% 

Plan  to  use  after 
12  months 

7% 

Invoice  contract  term  reconciliation 

63% 

15% 

7% 

Service  usage  auditing/accounting 

64% 

23% 

5% 

Service  usage  allocation/chargeback 

55% 

14% 

5% 

Inventory/asset  management 

To% 

26% 

13% 

Spend  analytics 

40% 

26% 

15% 

Service  rate  database 

38% 

23% 

10% 

Electronic  contract  management 

33% 

122% 

13% 

SOURCE:  ABERDEEN  GROUP;  respondents  could  select  multiple  categories. 


BY  DENISE  PAPPALARDO 

Telecom  expense-management  tools  and 
services  aren’t  new,  but  more  businesses 
than  ever  are  finding  them  necessary 

Reasons  include  the  fact  that  service  pro¬ 
viders  continue  to  bill  customers  in  error, of 
course,  but  also  the  ongoing  concerns  over 
industry  consolidation  —  as  well  as  out¬ 
right  scams. 

“There’s  a  lot  of  interest  in  billing  tools 
and  analytics  today?’ says  Rick  Saia,  research 
analyst  for  Aberdeen  Group’s  global  supply- 
management  practice.  Most  companies  use 
such  tools  to  monitor  invoices,  contract 
terms,  departmental  reconciliation,  service 
rates  and  payments,  he  says. 

Aberdeen  estimates  that  7%  to  12%  of 
telecom  service  charges  are  in  error. 

“I’ve  seen  an  increase  in  marketing  and 
offerings  of  third-party  expense-manage¬ 
ment  services  in  the  past  12  months,”  says 
Dan  Rathbun,  indirect  commodity  manager 
at  Pentair  in  Golden  Valley  Minn. 

Sprint  Nextel.one  of  Rentair’s  wireless  ser¬ 
vice  providers,  brought  TEM  company  In¬ 
tegrated  Mobile  to  Ftentair  about  a  year  ago. 
Integrated  Mobile  provides  a  suite  of  ser¬ 
vices  including  order  fulfillment,  configura¬ 
tion  and  bill  management  for  a  customer’s 
end-to-end  wireless  service  needs. 

“It  was  a  great  thing  for  us,”  Rathbun  says. 
“The  benefit  is  not  just  an  expense  man¬ 
agement  tool, but  it  has  the  effect  of  placing 
you  at  a  different  point  in  the  supply  chain, 
because  [Integrated  Mobile]  does  fulfill- 


Short  Takes 


■  Caspian,  a  provider  of  multimedia 
traffic-management  products  for 
IP/MPLS  networks,  last  week  un¬ 
veiled  a  Fair  Use  Policy  Framework 
that  is  implemented  in  its  Media 
Controller  product  line.  The  frame¬ 
work  is  intended  to  ensure  fair  alloca¬ 
tion  of  bandwidth  for  multimedia  traf¬ 
fic.  Caspian  says  the  framework  will 
help  resolve  issues  of  equitable  distri¬ 
bution  of  and  access  to  Internet  con¬ 
tent  being  raised  in  the  'Net  neutrality 
debate  among  carriers  and  content 
providers. 


ment,  rate  optimization  and  distributed 
billing  on  a  monthly  basis.” 

Pentair,  which  provides  water  movement, 
treatment  and  storage  products,  uses  Inte¬ 
grated  Mobile  to  manage  about  1 ,000  wire¬ 
less  devices  and  contracts. 

Pentair  also  uses  telecom  bill-auditing 
services  at  certain  locations  for  wireline 
voice  and  data  services. 

One  big  error  Integrated  Mobile  picked 
up  on  was  an  order  for  16  new  lines  that 
didn’t  come  through  its  fulfillment  system 
and  therefore  was  immediately  flagged  as 
possible  fraud.  The  charges  for  these  lines 
were  immediately  placed  in  dispute. 

When  going  with  a  TEM  vendor,  cus¬ 
tomers  are  told  they  can  reduce  monthly 
telecom  costs  by  about  10%  after  initial 
contract  rate  reductions.  “And  yes,  we’ve 
seen  that,”  Rathbun  says. 

Other  considerations 

But  saving  money  is  only  one  aspect  of 
TEM.  Another  is  helping  customers  mine 
the  vast  amount  of  data  that’s  included  with 
their  invoices.  For  one  national  retailer  of 
office  supply  products,  that  data  mining 
capability  has  made  it  possible  to  flag  third- 
party  billing  scams. 

The  telecom  manager,  who  asked  that  her 
name  and  company  not  be  published, says 
there  has  been  a  sharp  increase  in  third- 
party  billing  scams. 

She  started  noticing  calls  that  cost  $20 
apiece  on  her  telecom  invoices  from  10 
retail  locations  in  the  New  York  region. 
These  calls  were  made  to  a  company 
called  Jobs  Hotline,  which  operates  much 
like  a  900  service.  The  telecom  manager 
points  out  that  she  blocks  all  outgoing 
calls  to  900-like  numbers,  but  the  problem 
with  the  phone  numbers  going  to  Jobs 
Hotline  was  that  they  used  a  standard 
area  code  and  exchange.  She  also  be¬ 
lieves  the  calls  were  never  placed  from 
the  10  stores.  In  fact, about  eight  calls  were 
placed  back-to-back  from  the  fax  num¬ 
bers  at  each  store. 

You  could  look  at  the  $20  charges  as  such 
a  small  expense  it  might  not  be  worth  the 
headache  of  tracking  them  down  and  get¬ 
ting  refunds,  especially  when  you  spend 
about  $30  million  a  year  on  telecom  ser¬ 
vices  nationwide,  like  this  company  does. 
But  the  problem  quickly  escalated  as  more 
calls  were  placed  from  these  fax  lines  to 


Jobs  Hotline. “It  was  a  $l,500-per-month 
problem  that  turned  into  a  $3,000-a-month 
problem  in  three  to  four  months,”  she  says. 
The  charges  also  were  hard  to  spot  initially 
because  they  were  funneled  through  a  legit¬ 
imate  third-party  billing  company  she  says. 

TEM  products  from  Asentinel  helped  the 
office-supply  company  get  the  charges 
and  expenses  in  check. The  tools  allowed 
the  company  to  track  the  fax  calls  and 
charges,  which  now  are  grouped  together 
automatically  in  a  separate  report.  This 
makes  it  easier  for  the  company  to  try  to  get 
its  credits. 

Pentair  has  been  in  contact  with  the  FCC, 
the  Federal  Trade  Commission  and  the 
Attorney  General’s  office  about  the  fraud. 

Another  customer  also  has  seen  an  in¬ 
crease  in  third-party  billing  problems. 

“The  biggest  nuisance  we  never  expected 
is  dealing  with  bogus  companies  selling  In¬ 
ternet  advertising  services,”  says  Larry  Van 
Etten,  senior  manager  of  Ikon  Office  Solu¬ 
tions’  telecommunications  services  center 
in  Malvern,  Pa. 

In  this  scam,  checks  for  about  $2  are  sent 
to  Ikon’s  local  offices.  These  checks  are 
cashed  by  accounts  receivable  staffers, who 
believe  them  to  be  legitimate.  By  cashing 
the  checks,  Ikon  essentially  is  agreeing  to 
pay  for  an  Internet  advertising  service.  The 
charges  range  from  $39  to  $69  per  month. 

“We  got  hit  with  over  300  fraudulent  bills 
one  month,”  he  says.  “Fortunately  we  have 


Rivermine,  which  lets  us  know  when  we 
have  oddball  third-party  charges.” 

Ikon,  a  document-management  and  ser¬ 
vices  company  was  able  to  eliminate  the 
problem  by  blocking  all  third-party  billing, 
which  it  manages  through  its  Rivermine 
platform.  Rivermine  provides  TEM  tools  for 
enterprises.  The  Internet  advertising  ven¬ 
dors  are  then  forced  to  bill  Ikon  separately 
which  most  of  these  bogus  companies 
aren’t  interested  in  doing,  he  says. 

Big  deals  a  big  deal 

The  biggest  issue  businesses  face  in  the 
TEM  arena  is  dealing  with  all  of  the  merger- 
and-acquisition  activity,  says  Michael 
Vollinger,  enterprise  mobility  vice  president 
at  Telwares,  which  specializes  in  telecom 
procurement  and  contract  negotiations. 

“Taking  behemoths  in  the  market  and 
crunching  them  together  is  a  headache  for 
business  users,”  he  says. 

While  most  of  these  deals  have  closed, 
billing-system  integration  and  platform 
elimination  hasn’t  happened  in  force  yet. 
One  customer  points  out  that  all  her  SBC 
bills  now  include  the  AT&T  logo,  but  other¬ 
wise  the  bills  look  as  they  did  premerger. 

“The  first  thing  to  fall  off  the  wagon  will  be 
data  quality  Vollinger  says.  “I’m  not  talking 
about  degradation  in  the  quality  of  the  data 
services  but  from  a  billing  perspective.” 

The  largest  carriers  will  be  trying  to 

See  TEM,  page  30 


A  Global  Hotel  Company  Analyzing  1.4  Million  Records  a  Day. 
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How  does  Hilton  forecast  demand  for  its  370,000  rooms  and  its  catering  services?  They 
import  data  from  six  systems  into  one  data  warehouse  requiring  7  million  rows,  and 
running  on  SQL  Server™ 2005  with  99.98%  uptime.*  See  how  at  microsoft.com/bigdata 
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May  17-19,  2006 

Hyatt  Regency 

Reston,  Virginia 


Benefits  •  Innovations  ■  Solutions 


The  U.S.  Federal  Government  has  mandated 
the  adoption  of  the  New  Internet  (Internet 
Protocol  version  6,  or  IPv6),  the  massive 
upgrade  of  the  existing  IPv4  standard,  in 
use  since  1973.  The  transition  to  IPv6  offers 
major  opportunities  -  and  challenges  -  for 
every  Federal  department,  which  will  be 
identified  and  discussed  by  experts  in  this 
unique  conference. 

The  Federal  IPv6  Summit  will  feature  senior 
political  and  military  leaders,  IT  organization 
executives,  ISPs  and  first  responders  -  who 
will  identify  their  visions  of  how  the 
government  will  benefit  from  IPv6,  how  this 
transition  will  take  place,  and  what  roles 
industry  should  pursue. 


This  is  a  must-attend  event, 
especially  for  those  working 
for  or  in  support  of  the  US 
Federal  government. 


Alex  Lightman 

Chairman, 

Federal  IPv6  Summit  2006 

There  will  also  be 
demonstrations  of  new 
IPv6  applications,  including 
up-to-the-  minute  reports 
on  the  first  IPv6/WLAN  city 
in  America! 


Wednesday,  May  17 

IPv6  Workshops 

■  IPv6  Transition  Management  Track 

■  IPv6  Technical  /  Security  Track 


Thursday,  May  18 

Keynotes  and  Panels 

■  IPv6  as  the  Foundation  for  Federal 
Interoperability 

■  IPv6  Benefits  for  Enterprise-Centric 
Government 

■  IPv6  Working  Group  for  CIO  Council 

■  Building  IPv6  into  the  Enterprise  Architecture 


Friday,  May  1  9 

Keynotes  and  Panels 

■  Innovation  via  IPv6 

■  Virginia  shows  IPv6  Leadership 

"  First  Responder  Requirements  &  Applications 

■  Katrina  Panel:  ERM  and  IPv6 


REGISTER  ONLINE: 

© 

federalipv6summit.com 

More  Info: 

TEL:  310.458.3233 
EMAIL:  info@usipv6.com 

PRODUCED  BY: 

IF3 

summiT 

irsicz. 

IN  CONJUNCTION  WITH: 

IPv6  Transition 
Workshop 

Transitioning  to  IPv6 
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Let  competition  bring 
broadband  to  boonies 


Regular  readers  know  I’m 
deeply  skeptical  of  the  sup¬ 
posed  need  for  a  federal  uni¬ 
versal  broadband  policy. That 
said,  I’m  well  aware  there  are 
some  parts  of  the  country  that 
are  currently  underserved  by 
broadband  services. 

Even  in  the  boondocks  there 
are  options,  however.  One  is 
satellite;  another  is  municipal 
wireless:  As  most  readers  are 
aware,  municipalities  from  Philadelphia  to 
San  Francisco  are  deploying  free  or  low- 
cost  Wi-Fi  networks  for  their  citizens  to  use. 

It’s  a  great  idea:  Let  the  taxpayers  in  those 
cities  decide  what  services  they  want  to 
provide  —  without  federal  interference.  If 
citizens  want  to  tax  themselves  to  pay  for 
universal  broadband,  more  power  to 
them.  Just  keep  Big  Brother  out  of  it. 

Unfortunately  not  everyone  agrees. 

Readers  may  recall  that  legislators,  acting 
under  the  influence  of  the  powerful  tele¬ 
com  and  cable  lobbies,  have  proposed  leg¬ 
islation  recently  that  limits  or  restricts 
municipalities’  ability  to  bring  broadband 
to  the  boonies.  Last  May  Rep.  Pete  Sessions 
(R-Texas)  introduced  a  bill  that  bans  gov¬ 
ernments  from  providing  Internet  services. 
In  June,  Florida  Gov.  Jeb  Bush  signed  a  sim¬ 
ilar  law.  Last  summer  Sen.  John  Ensign  (R- 
Nev.)  introduced  the  Broadband  Invest¬ 
ment  and  Consumer  Choice  Act  of  2005, 
which  limits  local  governments’  ability  to 
deploy  public  broadband  systems. 

But  the  one  that  really  takes  the  cake  is 
BellSouth’s  recent  jaw-droppingly  obscene 
push  to  shut  down  New  Orleans’  municipal 
Wi-Fi  network  —  which  is  the  only  func¬ 
tioning  communications  network  for  large 
swaths  of  the  city  —  on  the  grounds  that 
state  law  prohibits  municipalities  from  pro¬ 
viding  not-for-profit  networks.  No,  I’m  not 
making  this  up.  Check  out  www.nwdocfind 
er.com/3035. 

I  have  nothing  against  telcos  making  a 
profit.  Capitalism  is  the  engine  that  drives 
the  economy  But  competition  is  the  fuel.  A 
business  model  based  on  lobbying  politi¬ 
cians  to  stifle  competition  leaves  the  inno¬ 
vation  engine  running  on  fumes  —  and  tel¬ 
cos  and  cable  companies  should  be 
ashamed  to  do  that. 

Last  I  checked,  the  way  to  make  a  profit 
was  to  provide  high-quality  services  that 
customers  want  to  pay  for.  Cash-strapped 
municipalities  may  be  able  to  offer  a  “low¬ 
est  common  denominator”  service  —  and 
that’s  great.  Telcos  and  cable  companies 
can  benefit  by  offering  higher-quality  ser¬ 
vices;  after  all,  if  consumers  were  satisfied 
with  “lowest  common  denominator”  ser¬ 
vices,  cable  TV  wouldn’t  exist. 


Fortunately  Congress  may  be 
getting  a  clue.  Responding  to 
Ensign’s  bill.  Senators  John 
McCain  (R-Ariz.)  and  Frank 
Lautenberg  (D-N.J.)  introduced 
the  Community  Broadband  Act 
of  2005,  which  prohibits  state 
laws  that  ban  municipal  net¬ 
works.  More  recently  Congress 
has  begun  debating  several 
telecom  bills,  some  of  which 
include  provisions  explicitly 
supporting  municipal  networks. 

The  bottom  line?  If  you  agree  with  me, 
write  your  lawmakers  today  —  and  if  you 
disagree,  let  me  know  why  you  think  it’s  bet¬ 
ter  to  pass  laws  limiting  innovation  than  to 
support  it.  I’d  be  interested. 

Johnson  is  president  and  senior  founding 
partner  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


TEM 

continued  from  page  27 

crunch  numbers  from  disparate  platforms 
as  they  combine  customer  contracts,  he 
says.This  likely  will  lead  to  errors. 

Mike  Hartz,  manager  of  telecom  services 
for  Bridgestone  Firestone  Diversified  Pro¬ 
duct  in  Kings  Mountain,  N.C.,  is  worried 
about  the  mergers. 

“My  concerns  are  it  will  impact  us  on  the 
customer  service  or  expense  side,  not  nec¬ 
essarily  affect  our  level  of  service,”  he  says. 

He  hasn’t  seen  any  negative  changes  in 
terms  of  billing  since  Sprint  and  Nextel 
merged,  but  he  says  his  experience  with 
past  mergers  has  raised  concern. 

Firestone  did  a  lot  of  work  with  AT&T 
Wireless  before  Cingular  acquired  that 
company,  Hartz  says.“We  had  a  lot  of  folks 
on  AT&T  phones,  and  we  tried  to  move 
them  to  Cingular.  They  made  it  very  diffi¬ 
cult  for  us.  It  was  easier  to  port  a  phone 
from  Sprint  to  Cingular  than  it  was  to  port 
over  an  AT&T  [Wireless]  phone  to 
Cingular” 

Still  today  Cingular  is  more  restrictive 
with  its  shared  minutes  because  of  how  it 
bills,  Hartz  says.  Cingular  doesn’t  allow 
users  based  in  different  markets  to  share 
minutes,  but  Sprint  does,  he  says. 

Using  a  third-party  TEM  vendor  reduces 
the  impact  of  these  mergers  because 
they’re  responsible  for  contract  and  rate 
management,  he  says.  Firestone’s  repre¬ 
sentative  at  Integrated  Mobile,  the  TEM 
vendor  the  company  uses, “gets  frustrated 
dealing  with  the  multiple  vendors.  1  don’t.” 
Hartz  says.  ■ 
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TECHHOUIBY  UPDATE 

AN  INSIDE  LOOK  AT  TECHNOLOGIES  AND  STANDARDS 


802.11s  extends  wireless  outdoors 


HOW  IT  WORKS:  802.11s 


The  proposed  802.11s  standard  details  how  a  node  can  join  a  wireless  mesh 
network. 


MP:  Mesh  point 


MP3 


MP4 


MAP2 


MP1 


MAPI 


u 


MPx 


□  Mesh  nodes  advertise  their  profile  and  mesh  capabilities  in  beacons.  Mesh  node  MPx  discovers  nodes 
in  its  mesh  network. 

B  MPx  associates  with  and  authenticates  with  neighboring  nodes  (MAP2,  MP4)  in  the  mesh  network. 
B  MPx  participates  in  selecting  the  optimal  path  for  forwarding  data  frames, 


BY  JIM  MURPHY  AND  ASHOK  SARAF 

Access  points  interconnected  with  peer- 
to-peer  wireless  links  create  a  backhaul 
infrastructure  called  a  wireless  mesh  net- 
work.These  networks  extend  service  across 
large  geographic  areas,  such  as  campuses 
or  metropolitan  areas,  facilitating  expand¬ 
ed  broadband  wireless  applications. 

An  IEEE  technical  group  is  working  to 
develop  the  802.1  Is  standard  for  wireless 
LAN  (WLAN)  mesh  networking.  At  last 
month’s  plenary  session,  the  group 
announced  the  baseline  document  for 
the  standard.  The  group  expects  to  have 
an  initial  draft  by  July  and  a  ratified 
802.1  Is  standard  by  early  2008. 

The  group  is  defining  capabilities  in  sev¬ 
eral  areas,  including: 

•  Topology  discovery 

•  Path  selection  and  forwarding. 

•  Channel  allocation. 

•  Security. 

•  Traffic  management. 

•  Network  management. 

Mesh  networks  introduce  some  new  ter¬ 
minology.  The  mesh  architecture  defines  a 
mesh  point  as  a  node  that  supports  mesh 
services.  A  mesh  point  that  supports 
access-point  services  as  well  as  mesh  ser¬ 
vices  is  called  a  mesh  access  point.  A  vari¬ 
ant  of  a  mesh  point  that  connects  into  the 
wired  network  is  called  a  mesh  portal. 

The  existing  802.11  media  access-con¬ 
trol  layer  is  being  enhanced  to  support 
mesh  services.  Mesh  networking  will  work 
with  existing  802.11  radio  technologies. 
Mesh  services  will  be  compatible  with 
existing  WLAN  clients. 

In  a  mesh  network  a  mesh  node  must  be 


able  to  discover  its  peers  and  associate 
with  them.  A  node  should  also  be  able  to 
select  an  optimal  path  through  a  mesh 
network  to  forward  data  frames.  The  stan¬ 
dards  group  is  working  on  a  path-selec¬ 
tion  protocol  called  Hybrid  Wireless 
Mesh. The  specification  is  being  designed 
in  such  a  way  that  vendors  can  use  their 
own  protocols  for  path  selection,  so  inter¬ 
operable  and  proprietary  mesh  deploy¬ 


ments  will  be  possible. 

The  802. 1  Is  group  intends  to  take  advan¬ 
tage  of  security  mechanisms  specified  in 
802.1  li  (completed  in  2004),  but  exten¬ 
sions  will  be  necessary  because  802.1  li 
provides  only  one-hop  link  security,  and 
mesh  networks  require  multihop  or  end- 
to-end  security.  Additional  work  will 
define  how  mesh  nodes  can  mutually 
authenticate  themselves  and  create 


secure  associations.  Each  node  would  act 
as  a  supplicant  and  authenticator  for 
adjacent  nodes.  Distributed  and  central¬ 
ized  802. lx  authentication  schemes  will 
need  to  be  supported.  Reauthentication 
must  occur  rapidly  for  roaming  nodes  to 
preserve  session  persistence. 

Engineering  traffic  to  avoid  congestion 
within  a  multihop  wireless  mesh  network 
is  a  challenge.  Local  congestion  on  a 
mesh  node  can  affect  neighboring  nodes 
using  the  same  channel.  Extensions  to  the 
QoS  mechanisms  defined  in  802.1  le  are 
being  considered  to  support  hop-by-hop 
congestion  control.  The  standards  body 
also  is  looking  at  ways  to  implement  rate 
control  to  alleviate  congestion. 

Deploying  a  mesh  network  with  thou¬ 
sands  of  nodes  requires  a  scalable  and 
comprehensive  centralized  network  man¬ 
agement  system.  It  must  manage  band¬ 
width,  security  and  QoS  policies  across  a 
network.  Planning  and  designing  a  net¬ 
work  are  essential  prerequisites  for  a  suc¬ 
cessful  deployment.  A  mesh  network  is 
dynamic  in  nature,  with  topology  changes 
happening  in  real  time.  Monitoring  of  a 
network  with  rapid  corrective  action 
becomes  critical  to  deliver  performance 
and  reliability 

Mesh  networking  will  usher  in  a  new 
paradigm  to  support  an  expanded  range 
of  wireless  services  and  applications. 

Sara  f  is  director  of  product  marketing  and 
Murphy  is  director  of  software  engineering 
for  Trapeze  Networks.  They  can  be  reached 
at  jmurphy@trapezenetworks.com  and 
asaraf@trapezenetworks.  com,  respectively. 


Ask  Dr.  Internet 


By  Steve  Blass 


Can  we  deploy  system  Images  to  Windows  PCs 
with  the  built-in  NTBackup  program  instead  of 
using  Symantec’s  Norton  Ghost? 

You  can  create  a  complete  backup  on  one  system  and 
restore  it  to  another  machine  with  the  same  hardware 
configuration  with  NTBackup.  The  second  machine  will 
have  the  same  machine  name  and  network  settings  as 
the  original,  so  you  need  to  restart  the  system,  rename  it 
under  the  Computer  Name  tab  in  the  Properties  dialog 
under  My  Computer  and  restart  again. 


Ghost  is  not  that  expensive  and  is  designed  to  deploy 
system  images;  however,  if  you  go  with  the  NTBackup 
approach,  you  need  to  build  up  your  initial  system  image 
and  create  a  full  system  backup,  including  the  System 
State  in  the  "What  to  Restore"  dialog  in  the  Restore 
Wizard.  When  you  get  to  the  “Completing  the  Restore 
Wizard"  screen,  click  the  Advanced  button  and  accept 
the  default  setting  of  "Restore  files  to:  Original 
Location”  and  click  Next.  On  the  "How  to  Restore" 
screen  that  follows,  be  sure  to  check  the  "Replace 
Existing  Files”  option  rather  than  the  default  "Leave 


existing  files"  setting.  After  the  restore  operation  is  com¬ 
plete,  reboot  the  system,  rename  it  and  reboot  again. 

While  this  approach  can  work,  you  may  find  that 
systems  imaged  this  way  exhibit  some  strange  behav¬ 
ior,  because  files  used  by  the  system  during  the 
restore  may  not  have  been  replaced.  This  is  one  rea¬ 
son  a  system-imaging  utility  such  as  Ghost  is  proba¬ 
bly  a  better  choice. 

Blass,  a  network  architect  at  Change@Work  in  Houston, 
can  be  reached  at  dr.internet@changeatwork.com. 
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WildPresenter  is  almost  there 
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GEARHEAD 

INSIDE  THE 
NETWORK 
MACHINE 

&ark  Gibbs 


l  retty  much  anytime  the  topic 
'of  using  Flash  comes  up  in  a 
group  of  techies  an  argument 
will  follow.  One  camp  usually  argues 
that  Flash  is  a  great  creative  tool, 
remarkable  information-delivery  sys¬ 
tem  and  outstanding  communica¬ 
tions  vehicle  for  almost  95%  of  Web 
users.  The  other  camp  considers 
Rash  suitable  only  for  the  most  egre¬ 
gious  excesses  of  advertising  and 
other  commercial  fripperies. 

We  reviewed  Macromedia’s  Studio 
8,  which  includes  Flash  8,  and  are  really  impressed  with 
what  can  be  achieved,  though  there  is  a  steep  learning 
curve  to  get  the  best  out  of  the  system. 

We  also  looked  at  various  basic  third-party  tools  for  cre¬ 
ating  Flash  content, such  as  banners  (these  are,  in  the  main, 
simple  programs),  right  through  to  Xcelsius,  which  creates 
remarkable  Flash  presentations  derived  from  Excel  spread¬ 
sheets  (see  www.nwdocfinder.com/3031  for  our  review  of 
the  previous  version). 

Today  we  have  another  third-party  Flash-construction  sys¬ 
tem  that  attempts  to  be  more  sophisticated  than  a  simple 
banner  builder  and  more  general  than  Xcelsius. The  prod¬ 
uct  is  WildPresenter  Version  2.008  (www.nwdocfinder/ 
3032)  published  by  Wildform. 

WildPresenter  is  designed  to:  record  on-screen  activity 
and  convert  it  to  a  Flash  presentation;  edit  PowerPoint  pre¬ 


sentations  and  templates;  convert  PowerPoint  files  to  Flash; 
convert  video  content  to  Flash;  create  animated  text  along 
with  animated  graphics;  and  capture  video  and  audio  and 
then  generate  output  for  the  Web,  CD-ROMs,  screensavers 
and  e-mail. 

Given  that  impressive  range  of  features,  it  isn’t  surprising 
that  WildPresenter  has  a  serious  learning  curve  (though 
nowhere  near  as  steep  as  that  of  Flash  8). 

WildPresenter  provides  a  number  of  wizards  to  simplify 
such  tasks  as  animating  text  and  importing  video  as 
well  as  managing  output  formats  (HTML,  screensaver 
and  so  on). 

Another  option  is  to  create  a  player  for  your  Flash  con¬ 
tent.  Wildform  provides  a  large  number  of  “skins, ’’and  you 
can  select  which  controls  (such  as  play/pause,  stop  and 
rewind)  are  available  at  run-time. 

Within  a  few  hours  of  getting  our  hands  on  WildPresenter, 
we  had  some  pretty  cool  Flash  movies,  which  included  a 
Gearhead  screensaver  for  Windows.  (Drop  us  a  note  with 
“screensaver”  as  the  subject  and  your  screen  resolution  in 
the  message  and  we’ll  send  you  a  copy) 

We  also  recorded  a  short  screen  session  and  imported  a 
couple  of  PowerPoint  files.  Here’s  where  things  stopped 
being  quite  so  good: 

The  screen  session  drove  the  processor  utilization  to 
100%,  which  caused  a  jerky  mouse  response  while 
recording  and  marginal  results.  With  PowerPoint  files  a 
simple  presentation  looked  great,  but  a  more  complex 
one  was  trashed  on  import. 


Another  problem  with  WildPresenter  is  that  in  some 
places  its  functioning  is  not  obvious.  For  example,  we 
added  a  video  to  the  timeline  and  set  it  to  loop.  We  then 
added  a  text  object  also  set  to  loop  that  started  at  frame 
30  and  ended  at  frame  90  while  the  video  ended  at 
frame  120. 

When  we  ran  it  the  video  started,  the  text  appeared  and 
disappeared  when  planned,  and  then  the  video  ended. 
But  when  it  looped  things  went  wrong:  Instead  of  waiting 
until  frame  30,  the  text  animation  started  on  frame  1 
along  with  the  video,  and  when  the  text  object  finished  it 
started  for  a  third  time  before  the  second  run  of  the  video 
had  finished! 

We  had  to  get  help  from  Wildform  support  (not  bad;  a 
complete  and  accurate  answer  in  less  than  five  hours). 
Turns  out  that  we  needed  to  add  specific  timeline  objects 
to  restart  the  entire  timeline.  Even  though  we  had  looked  in 
the  help  files,  this  was  anything  but  obvious. 

On  the  other  hand,  we  have  also  created  a  number  of 
Flash  animations  that  work  perfectly  well  and  are  quite 
eomplicated.WildPresenter  is  an  ambitious  product  and  its 
flaws  are  mostly  things  you  can  work  around. 

Right  now  it  is  priced  at  $299,  instead  of  its  regular  $499, 
and  at  that  price  the  product  is  a  reasonable  investment. 
Despite  our  criticisms,  we  really  like  the  product.  Wait  until 
you  see  the  screensaver! 

Flash  your  thoughts  on  Gibbsblog  or  drop  us  a  line  at  gear 
head@gibbs.com. 


CoolTools 


Quick  takes  on  high-tech  toys.  Keith  Shaw 


Do  you  remember  all  of  those  employees  who  brought 
home  wireless  LAN  equipment  and  then  started  bringing 
their  cards  and  access  points  into 
the  workplace?  If  you  thought  that  was  a 
mess,  get  ready  for  Wave  2  —  the 
Wi-Fi  cell  phone. 

At  the  recent  CT1A  Wireless 
2006  show  in  Las  Vegas,  Nokia  and 
Samsung  Mobile  displayed  mobile 
phones  that  included  a  Wi-Fi  radio 
in  addition  to  the  normal  wide-area 
wireless  radio. 

These  vendors  weren’t  the  first  to  do 
this,  but  these  models  were  the  first  ones 
geared  to  a  consumer  audience. The  ear¬ 
lier  devices  were  geared  to  enterprise  cus¬ 
tomers  who  want  to  use  Wi-Fi  in  an  IT-con- 
trolled  environment,  such  as  a  college  cam 
pus  or  warehouse,  as  well  as  integrate  with 
existing  VoIP  or  PBX  infrastructures. 

The  Nokia  6136  and  Samsung  T709  are  geared 

to  the  Best  Buy/Circuit  City/mall  kiosk  crowd.  For 

example,  the  Samsung  T709  lets  calls  channel  from 

a  Wi-Fi  access  point,  through  the  Internet  and 

onto  a  cellular  network  to  give  users  uninter-  -JL  ®  'a  1  fi~tSAl!!SUn^ 

5  T709  are  some  of  the  first  con- 


rupted  connections  when  traveling  between 
home  and  office  or  while  on  the  road. 


sumer-aimed  cell  phones  with  Wi-Fi 
capabilities.  You've  been  warned. 


A  phone  that  uses  Wi-Fi  and  a  cellular  connec¬ 
tion  could  mean  trouble  for  network  managers. 
Imagine  this  help  desk  query  from  the  vice  presi¬ 
dent  of  sales.  “Yeah,  I  was  making  a  cell  phone  call 
with  my  spankin’  new  cell  phone,  and  I  walked  into  a 
stairwell  and  the  call  dropped  —  I  just  lost  the  $100  mil¬ 
lion  deal  I  was  working  on.” 

The  vice  president  might  not  have  realized  that  the  call 
he  was  making  connected  via  the  internal  Wi-Fi  network  in¬ 
stead  of  the  regular  cell  network  —  all  he  knows  is  that  the 
call  dropped,  and  he  may  blame  you. 

Just  like  they  started  asking  for  WLANs  in  the  workplace,  users 
will  start  asking  for  better  WLAN  coverage  for  voice  applications.  I 
discussed  this  issue  with  the  head  of  the  Wi-Fi  Alliance  at  the  CT1A 
show,  and  he  admitted  that  most  enterprise  WLANs  were  designed  for 
wireless  data,  not  wireless  voice. 

He  suggested  that  the  best  way  for  a  company  to  find  out  where  its  wire¬ 
less  coverage  holes  are  is  to  add  Wi-Fi-enabled  phones  to  the  network  and 
have  people  walk  around  the  office  and  wait  for  the  calls  to  drop. 

Last  year  when  Network  World  tested  the  ability  for  WLAN  systems  (enter¬ 
prise  switches  and  access  points)  to  handle  wireless  VoIP  traffic,  the  results 
were  dismal.  We  hope  that  when  we  test  these  systems  again  later  this  year  the 
numbers  will  improve. 

At  any  rate,  the  clock  is  ticking  for  you  to  start  improving  your  WLAN  network 
before  other  vendors  come  out  with  their  Wi-Fi  cell  phones  and  you're  inundated 
with  employees  pounding  your  WLAN  with  voice  traffic. 

For  more  details  about  new  cell  phones  launched  at  CTIA,  check  out  the  Cool  Tools 
bonus  online  coverage  (w ww.nwdocfinder.com/ 303 7),  as  well  as  our  video  coverage 
of  the  show,  where  Shaw  tries  to  Find  a  cool  new  phone  to  replace  his  3-year-old 
model.  Shaw  can  be  reached  at  kshaw@nww.com. 
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Each  week  Network  World  delivers  an 
extensive  line-up  of  product,  service  and 
industry  news,  analysis,  case  studies,  buyer's 
guides,  expert  opinion  and  management 
advice  that  Network  IT  Executives  rely  on 
to  get  their  job  done. 

Your  FREE  subscription 
will  include ... 

•  New  product  information  and  reviews  that  break 
through  vendor  hype  and  put  you  in  control  of  your 
technology  purchases 

•  Implementation  strategies  and  security  tips  and  tricks 
that  you  can  use  to  improve  your  infrastructure  and 
boost  your  company's  competitive  standing 

•  Tried-and-true  management  strategies  to  help  you 
boost  your  network  career 

l 

— 1  •  An  insider's  view  on  how  your  competitors  are  using 

new  technology  to  their  business  advantage 

Plus  our  Special  Signature  Series 
Issues — Each  Signature  Series  issue  provides  insights, 
opinions  and  information  on  an  important  aspect  of  the 
industry  to  give  you  the  clearest  picture  of  the  current 
trends  and  trendsetters  in  the  Network  IT  market. 
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apply,  nww.com/free05 
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Two  industry  experts  debate  the  merits  of  application  awareness  vs.  application  transparency. 


Do  users  need  application-aware 
networks? 


Organizations  today  employ  widely  distributed  IP  networks  that  deliver  Web- 
based  and  client/server  applications  worldwide.  Even  with  ample  bandwidth, 
application  performance  can  slow  to  a  snail’s  pace  in  this  environment,  seri¬ 
ously  hindering  a  company’s  ability  to  do  business. 

To  address  this  challenge,  networks  need  to  become  more  application-aware.That  is, 
intelligent  networks  must  be  able  to  identify  and  understand  Layer  7  application  proto¬ 
cols  to  optimize  or  carry  out  application-specific  messages.  By  identifying  types  of 
application  messages, such  as  high-priority  and  latency-sensitive  signaling  messages,  or 
by  recognizing  message  content, such  as  a  purchase  order  or  stock  trade,  a  network  can 
apply  message-specific  optimization,  security  or  routing  policies.  With  greater  applica¬ 
tion-aware  functionality  remote  offices  can  experience  LAN-like  performance,  boosting 
employee  productivity. 

Application-aware  networks  also  enable  IT  managers  to  monitor  application  perfor¬ 
mance  constantly  and  optimize  bandwidth  and  spot  trouble  early  This  enhances  appli¬ 
cation  operation  and  the  overall  IT  infrastructure  —  all  without  the  huge  expense  of 
building  out  a  network  or  reworking  applications. 

For  example, a  major  insurance  company  began  to  deploy  a  homegrown, Web-based 
application  that  had  taken  more  than  two  years  to  develop. The  application  tested  well 
in  the  data  center, so  the  company  was  optimistic  about  delivering  an  important  claims- 
processing  function  to  its  many  branches  across  North  America.The  deployment  hit  a 
serious  snag,  however,  when  employees  tried  to  access  the  application  over  their  WAN. 
Application  performance  slowed  to  a  crawl,  and  frustrated  workers  began  to  miss  their 
quotas.  An  application  that  was  supposed  to  boost  productivity  reduced  it  instead,  forc¬ 
ing  a  premature  halt  to  the  rollout. 

Upgrading  the  network  itself  was  irrelevant,  as  bandwidth  utilization  was  less  than 
20%  and  upgrading  would  have  done  nothing  to  mitigate  the  latency.  Alternatively, 
the  company  could  have  rewritten  the  claims  application  to  minimize  the  number 
of  traversals,  but  rejected  this  option.  Instead,  it  chose  to  deploy  affordable  applica¬ 
tion-aware  network  devices  that  understood  its  Web  protocol.  By  so  doing,  the  net¬ 
work  became  more  efficient  in  delivering  the  performance  employees  needed.  In 
fact,  application  response  time  improved  2.5  times  without  changes  to  the  applica¬ 
tion  or  user  systems. 

Today  the  extended  enterprise  infrastructure  is  expected  to  support 
the  most  demanding  business  applications  efficiently  and  securely  on 
a  limited  budget.  Many  options  exist,  but  organizations  are  discovering 
that,  by  embedding  intelligence  and  common  functions,  application- 
aware  network  products  offer  a  more  easily  managed  and  more  afford¬ 
able  way  to  deliver  higher  levels  of  performance  and  add  greater  func¬ 
tionality  across  an  IT  infrastructure. 


The  emerging  service-oriented  architecture  is  introducing  better  ways  to  inte¬ 
grate  business  processes,  and  business  managers  are  demanding  SOA-based 
applications.  These  demands  for  SOA  must  be  balanced  with  other  enterprise 
network  initiatives  such  as  data  replication, VoIP  and  LAN  extension. The  WAN  impli¬ 
cations  of  these  emerging  applications  are  profound:  exponential  increases  in  traffic 
volume,  more  sensitivity  to  network  latency,  less  predictable  traffic  patterns  and 
increasing  difficulty  in  identifying  high-priority  traffic. 

In  such  an  environment,  there  is  value  in  load  balancing  and  prioritizing  application 
flows.  Application  awareness  and  control  belongs  at  the  edge  of  the  LAN,  however,  not 
in  core  network  elements.  Higher-layer  functions  best  reside  on  servers  and  ancillary 
equipment  that  are  tightly  bound  to  supported  applications. 

In  an  on-demand  IT  world  where  the  performance  of  critical  applications  is  becom¬ 
ing  increasingly  more  strategic,  building  application  awareness  into  WANs  is  a  funda¬ 
mentally  flawed  approach.  Consider  these  issues: 

•  The  unnecessary  bind.  Coupling  ever-evolving  applications  with  stable  network  ele¬ 
ments  doesn’t  make  economic  or  operational  sense.  In  grafting  the  added  hardware 
and  software  necessary  for  application  awareness  onto  WAN  equipment,  users  will 
experience  cost  and  performance  penalties  as  they  attempt  to  optimize  WAN  archi¬ 
tectures  based  on  packet  inspection,  which  potentially  increases  latency  and  dimin¬ 
ishes  throughput  for  SOA  and  other  enterprise  applications. 

•  Business  flexibility.  Pairing  network  elements  and  applications  hinders  organiza¬ 
tions  from  adapting  quickly  to  their  fast-changing  IT  needs.  If  applications  are  inextri¬ 
cably  linked  to  WAN  elements,  IT  systems  and  networks  struggle  to  react  swiftly  and 
organizations  lose  their  agility 

•  Operational  complexity  and  cost.  Application  awareness  complicates  an  IT  group’s 
ability  to  ensure  applications  are  responding  to  user  needs.  By  taking  on  tasks  tradi¬ 
tionally  supported  by  servers  and  middleware,  application-aware  elements  add  to  the 
operational  expense  of  a  WAN. 

By  contrast,  an  application-transparent  network  optimizes  bandwidth  and  switches 
traffic  at  the  lowest  possible  layer  —  leveraging  new,  flexible  optical  transport  and 
Ethernet  data-switching  technologies.  This  enables  the  cost-effective  creation  of  net¬ 
works  that  provide  maximum  throughput,  inherent  security  and  the 
lowest  latency  for  each  application. Lower-layer, application-transparent 
networks  are  very  reliable,  don’t  drop  packets  and  deliver  a  determin¬ 
istic  response.They  are  scalable  and  ideal  for  high-bandwidth, time-sen¬ 
sitive,  mission-critical  business  processes. 

Organizations  need  a  WAN  that  is  simple,  robust,  high  performing  and 
transparent  —  attainable  with  the  flexible  optical  and  data  network  plat¬ 
forms  now  available 
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Have  your  say 

Log  on  to  Network  World  to  voice  your 
opinion.  Face-off  authors  Issy  Ben-Shaul 
and  Raghu  Ranganathan  will  add  their 
thoughts  to  the  discussion. 


Ben-Shaul  is  director  of  engineering  of  Cisco’s  Application  Delivery 
Business  Unit.  He  can  be  reached  at  issy@cisco.com. 


www.nwdMfinder.com/3021 


Ranganathan  is  technology  director  in  the  office  of  the  CTO  at  Ciena. 
He  can  be  reached  at  rraghu@ciena.com. 
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E-MAIL  NEWSLETTER  SHOWCASE:  Web  applications 

Customers  make  good  use  of 
wikis  to  combat  e-mail  overload 


BY  MARK  GIBBS 

E-mail  overload  is  a  common  corporate  phenomenon. 
Someone  makes  a  single  contentious  comment  or  a  news 
item  gets  everyone  fired  up  and  suddenly  your  e-mail  vol¬ 
ume  quadruples  and  you  find  yourself  wading  through 
scads  of  “me  too”  messages  so  as  not  to  miss  anything. 

A  somewhat  surprising  solution  to  this  problem  seems 
to  be  the  Web-based  collaboration  systems  called  “wikis”. 
Wikis  are  collaborative  content  management  systems  of 
which  one  of  the  most  famous  is  Wikipedia,  a  public  wiki- 
based  encyclopedia. 

Inside  organizations,  wikis  are  becoming  more  com¬ 
mon  not  only  because  they  appear  to  help  with  the  e-mail 
overload  problem  —  a  Business  Week  story  quoted  invest¬ 
ment  bank  Dresdner  Kleinwort  Wasserstein’s  CIO  as  esti¬ 
mating  that  adoption  of  a  wiki  reduced  project-related 
e-mail  by  75%  and  cut  meeting  times  in  half. 

Socialtext,  the  wiki  adopted  by  Dresdner  Kleinwort 
Wasserstein  to  replace  its  existing  intranet  for  7,000  global 
employees,  is  a  great  example  of  a  wiki  designed  for  enter¬ 
prise  operation. 

Socialtext  provides  the  infrastructure  for  not  only  col¬ 
laboration  but  also  for  blogging,  integrates  with  e-mail 
and  instant  messaging  services,  provides  search  facilities 
with  tagging,  and  includes  basic  content  management 
functions.  It  can  be  customized,  provides  access  and 
basic  content  workflow  management,  and  uses  SSL  along 
with  a  comprehensive  user  rights  management  system 
that  can  be  integrated  with  corporate  Active  Directory 
and  LDAP  systems. 

There  are  three  deployments  of  Socialtext  available: 


Socialtext  Enterprise  designed  for  user  populations  of  up 
to  50,000  is  based  on  a  dedicated  appliance;  Socialtext 
Professional,  a  hosted  solution  suitable  for  up  to  500  peo¬ 
ple;  and  Socialtext  Personal,  available  on  the  hosted  ser¬ 
vice  for  up  to  5  people  for  free. 

Pricing  for  the  Enterprise  version  is  based  on  applica¬ 
tion,  while  the  Professional  version  starts  at  $95  per  month 
for  up  to  19  users. 

Socialtext  already  makes  some  components  available 
as  open  source  (a  Web  editor  and  a  wiki  anti-spam  sub¬ 
system)  and  a  full  version  of  the  Socialtext  wiki  code  with 
an  open  API  is  planned  for  later  this  year. 

Socialtext  has  some  impressive  customer  wins  includ¬ 
ing  Nokia,  Kodak,  and  the  previously  mentioned  Dresdner 
Kleinwort  Wasserstein. 

Researching  the  background  of  wiki  use,  including  the 
customers  of  Socialtext,  indicates  that  like  all  new  ways  to 
improve  on  existing  services  introducing  wikis  requires  a 
carefully  managed  rollout  and  some  real  effort  at  user 
training  and  reorientation. 

For  example, a  group  of  heavy  e-mail  users  is  going  to  be 
hard  to  migrate  to  a  wiki  without  serious  “re-education.” 

As  always,  the  golden  rule  to  ensure  cost  effective 
implementation  of  new  strategic  IT  solutions  is  incre¬ 
mental,  instrumented  deployment  within  functional 
groups.  Get  that  right  and  the  world,  or  at  least  the  wiki, 
is  yours. 

Gibbs  is  a  columnist  for  the  Gearhead  and  BackSpin 
columns  each  week.  He  can  be  reached  at 
backspin  @gibbs.  com. 


E-MAIL  NEWSLETTER  SHOWCASE:  Linux 

Getting  the  facts  on  Microsoft's 
other  Linux  Web  site 


BY  PHIL  HOCHMUTH 

“Dogs  and  cats  living  together,  mass  hysteria!” —  Dr.  Peter 
Venkman  in  the  movie  “Ghost  Busters”. 

Were  not  quite  there  yet,  but  some  curious  develop¬ 
ments  emerged  last  week  regarding  Windows,  Linux  and 
Macintosh  interoperability.  The  big  news  was  Apple’s 
announcement  of  a  dual-boot  Mac/Windows  XPThen 
there  was  the  launch  of  Microsoft’s  Linux/open  source 
Web  site.  Yes,  you  read  it  correctly;  it’s 
not  a  sentence-long  typo. 

This  site  —  http://port25.technet.com 
—  announced  last  week  at  Linux- 
World,  is  the  official  portal/blog  for 
Microsoft’s  open  source  interoperabil¬ 
ity  initiatives.The  site  is  run  by  Bill  Hilf, 
who  is  in  charge  of  the  Linux  and  open 
source  lab  on  the  Redmond  campus. 

Named  for  the  protocol  port  for  e-mail 
servers  on  the  Internet,  Port  25’s  goal  is 


to  give  updates  on  Microsoft  projects  aimed  at  making  its 
software  compatible  and  interoperable  with  Linux  and 
open  source  applications. 

By  now,  you’ve  probably  seen  Microsoft’s  other  Linux- 
related  Web  portal  (www.getthefacts.com),  where  the 
software  giant  aggregates  all  the  studies,  surveys,  white 
papers  and  other  materials  that  point  out  the  lack  of  cost 
savings  and  complexity  in  moving  from  Windows  to 
Linux  servers. 

“The  great  thing  is  that  as  a  market 
we’ve  gotten  past  the  David  and 
Goliath  stuff,”  said  Hilf  during  his 
LinuxWorld  keynote  last  week,  re¬ 
garding  Linux/Windows  relations 
and  interoperability  efforts. 

When  Microsoft  puts  as  much  mar¬ 
keting  muscle  behind  Port  25  as  it 
does  GetTheFacts,  maybe  that  will  be 
true.  ■ 
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Vendor  Solutions  for  Your  IT  Challenges 

COMPANY:  Lucent  Technologies 

OVERVIEW:  Industry  and  financial  analysts  have 
ranked  Lucent  first  in  vision,  technology,  functionality 
and  market  share  in  network  management.  Only  Lucent 
offers  enterprises  an  in-depth  portfolio  of  industry 
leading,  award-winning  software  solutions  to  help  man¬ 
age  all  aspects  of  IT  network  operations — effectively, 
efficiently,  and  with  unparalleled  ROI. 

CHALLENGE:  As  networks  continue  to  grow  in  size 
and  complexity,  IT  managers  face  the  increasing  chal¬ 
lenge  of  handling  more  IP  devices,  greater  traffic  vol¬ 
umes,  and  new  technologies. This  drives  the  need  for  a 
secure,  scalable,  centralized  and  fault  tolerant  IP  address 
management  and  DNS/DHCP  infrastructure.  A  simple 
spreadsheet  or  homegrown  solution  will  no  longer  pro¬ 
vide  the  necessary  features  and  functionality  to  make 
the  network  robust,  flexible  and  always  available. 

SOLUTION:  Successful  IT  management  begins  with 
automated  IP  address  management,  and  successful  IP 
management  begins  with  VitalQIP®  DNS/DHCP  and  IP 
Management  Software.  Market-leading  VitalQIP®  soft¬ 
ware  helps  you  efficiently  configure,  automate,  integrate 
and  administer  IP  services  across  your  entire  network — 
locally  or  globally. This  powerful  management  software 
centralizes  planning  and  administration,  enabling  you 
to  rapidly  provision  address  space  and  reliably  deliver 
critical  IP  name  and  address  services.  Compatible  with 
multiple  technologies  and  platforms,  it  helps  you 
streamline  management  tasks  with  a  comprehensive 
suite  of  integrated  tools  and  user  interfaces. 

Performance  proven  in  high-volume  network  environ¬ 
ments,  and  demonstrated  to  support  applications  with 
millions  of  individual  IP  addresses  and  thousands  of 
domains,  IDC  has  ranked  VitalQIP®  software  as  the  undis¬ 
puted  market-leading  IP  address  management  solution 
for  the  past  six  years. This  innovative  software  has  also 
received  numerous  honors  and  awards,  including  the 
Network  World  Clear  Choice  award  for  Best  IP  Address 
Management  Software. 

Automate  your  essential  IP  name  and  address  services 
needs  with  the  same  solution  deployed  by  Global  1000 
companies  and  top  Service  Providers.  Simplify  your 
operations,  centralize  your  network  control  and  reduce 
administrative  expense.  Start  realizing  the  VitalQIP® 
software  advantage. 

For  more  information  visit  our  Resource  Center  at 

http://www.networkworld.com/lucentqip 


Lucent  Technologies 

Bell  Labs  Innovations 

888-4Lucent 
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Virtualization: 

The  time  has  come 

The  virtualization  ember  that  VMware  fanned  into  a  fire 
is  about  to  explode  into  a  conflagration  as  major  play¬ 
ers  pour  on  fuel.  Consider  these  developments: 

•  Microsoft  just  started  giving  away  Virtual  Server  2005 
Release  2  and  has  announced  it  will  provide  support  under 
current  Virtual  Server  contracts  for  Linux  guest  operating  sys¬ 
tems  (www.nwdocfinder.com/304 7).  Native  virtualization 
support  will  be  built  into  Longhorn. 

•  Red  Hat  is  building  support  for  Xen  3.0  into  Red  Hat 
Enterprise  Linux  5;SuSE  Linux  10.0  comes  with  a  technologi¬ 
cal  preview  of  Xen  3;  and  XenSource  is  reading  a  packaged 
version  of  its  virtualization  technology  called  XenEnterprise. 

•  AMD  and  Intel  are  building  virtualization  support  into 
processors.  Hardware-assisted  virtualization,  Intel  says,  will 
improve  performance  by  making  the  hardware  handle  hand- 
offs  between  the  virtualization  layer  and  guest  operating  sys¬ 
tems,  and  eliminate  control  conflicts  by  providing  a  “higher 
privilege  ring  for  the  virtual  machine  monitor;’ among  other 
benefits.  Intel  Xeon-based  systems  with  the  new  capabilities 
are  expected  to  ship  in  the  first  half  of  this  year  and  Itanium 
2  in  the  second  half. 

Buyers  are  excited  about  the  prospects,  particularly  about 
how  virtualization  will  make  it  possible  to  increase  server  uti¬ 
lization  and  allow  server  consolidation.“Virtualization  is 
huge  for  us,”  a  senior  vice  president  at  a  large  Northeast 
financial  institution  says. 

His  firm  is  getting  9%  to  14%  server  utilization  today  and  he 
expects  virtualization  will  drive  that  to  60%  to  80%  in  his  IBM 
Unix  environment  and  50%  to  60%  on  the  VMware/Wintel 
side. 

In  a  keynote  address  at  the  recent  LinuxWorld  conference 
in  Boston,  Dell  CTO  Kevin  Kettlersaid  virtualization  plays  an 
important  role  in  his  company’s  scalable  enterprise  vision.  He 
sees  customers  moving  to  environments  built  on  one,  two 
and  four  socket  systems  (sockets  instead  of  processors 
because  sockets  can  be  multicore). Customers  will  be  able  to 
pay  as  they  grow  instead  of  investing  in  monolithic  systems. 

Surprisingly,  Kettler  predicts  the  future  of  virtualization  will 
be  driven  by  desktop  opportunities. 

He  anticipates  a  need  for  desktops  to  be  able  to  support 
multiple  virtual  machines  dedicated  to  different  tasks.  One 
VM,  for  example,  might  support  a  secure  browser  that,  if  it 
gets  infected,  can  be  killed  off  without  hurting  anything  else, 
while  a  second  might  support  a  software  stack  for  gaming,  a 
third  could  be  dedicated  to  media  serving,  etc. 

"These  encapsulated  environments  would  in  many  ways  be 
appliance-like  in  nature,”  he  said. 

Wile  that  may  be  a  few  years  off,  there  is  plenty  to  get  excit¬ 
ed  about  in  the  enterprise. 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Novell  mind  share 

“Does  Novell  still  have  mind  share?”  (www.nw 
docfinder.com/3026)  rounds  up  the  usual  suspects 
who  seem  unfamiliar  with  what  Novell  has  been 
doing  since  1994. 1  particularly  liked  the  guy  who 
“recently  looked  at  Novell  for  directory  services  and 
Linux”  and  decided  to  write  his  own  metadirectory 
to  use  with  Red  Hat  Linux.  Gee,  I  guess  Novell  wast¬ 
ed  a  lot  of  time  and  money  creating  a  distributed 
and  replicated  directory  service  that  runs  on  Linux, 
NetWare,  Solaris  and  Windows  when  someone 
could  just  sit  down  and  hack  one  out  on  their  own. 

Then  there  is  always  someone  who  complains 
about  Novell’s  marketing.  I’ve  noticed  a  steady 
stream  of  Novell’s  print  ads  gracing  the  pages  of 
industry  publications  for  quite  some  time.  I  can’t 
vouch  for  their  effectiveness,  but  Novell  is  putting  out 
its  message  about  how  its  products  and  services 
help  organizations  create  an  open  enterprise. 

Because  everyone  loves  a  horse  race,  there  is  now 
the  mandatory  comparison  of  Novell  and  Red  Hat 
over  which  has  the  larger  share  of  the  Linux  market. 
Never  mind  the  interesting  stuff,  such  as  how  well 
Red  Hat  is  doing  with  the  Netscape  Directory  Server 
vs.  Novell’s  multiplatform  eDirectory  Or  how  Novell 
has  implemented  Virtual  Iron’s  extensions  to  the 
Linux  kernel  in  SuSE  Linux  Enterprise  Server  9 
Service  Pack3  and  SLES10  while  Red  Hat  Enterprise 
Linux  (RHEL)  4  doesn’t.  Or  how  Novell  will  support 
NetWare  6.5  virtualization  on  SLES10  using  the 
XENsource  Hypervisor  while  Red  Hat  is  slow  to 
commit  to  XEN.  Seems  obvious  to  me  that  Novell  is 
making  solid  technical  improvements  in  SLES  while 
Red  Hat  lags  behind  with  RHEL. 

Novell  is  scoring  big  wins  with  many  customers 
who  are  smart  enough  to  know  the  value  Novell 
brings  to  the  table. You  should  be  talking  to  them  to 
find  out  why  they  chose  Novell  and  stop  printing 


vapid  quotes  from  people  who  care  nothing  about 
what  Novell  is  doing. 

Tim  Wessels 
Rindge,  N.H. 

Taxing  teleworkers 

Regarding  “Bird  flu:  IT  pros  planning  for  worst” 
(www.nwdocfinder.com/3027):  While  telework  will 
be  an  essential  tool  for  helping  businesses  sustain 
operations  in  the  event  of  a  flu  pandemic,  the  price 
tag  that  states  may  slap  on  this  emergency  manage 
ment  strategy  may  be  exorbitant.  Some  states 
(including  New  York  and  others)  may  require  non¬ 
residents  who  sometimes  telecommute  to  their  in¬ 
state  employers  to  pay  taxes,  not  only  on  the  income 
they  earn  while  physically  in  the  employer’s  state, 
but  also  on  the  income  they  earn  at  home. The  dou¬ 
bletax  risk  can  make  telework  unaffordable  for 
many  Americans  and  may  compel  them  to  resist 
remote  work.  In  addition,  the  rule  may  saddle 
employers  with  unduly  burdensome  withholding 
obligations.  Proposed  federal  legislation  called  “The 
Telecommuter  Tax  Fairness  Act”  would  eliminate  the 
tax  penalty  for  interstate  telework,  prohibiting  states 
from  taxing  income  that  nonresidents  earn  at  home. 
If  employees  and  employers  are  to  prepare  ade¬ 
quately  for  a  pandemic,  barriers  to  interstate  tele 
work  must  be  removed  —  and  fast.  Congress  must 
pass  The  Telecommuter  Tax  Fairness  Act  now. 

Nicole  Belson  Goluboff 
Scarsdale,N.Y 

( Goluboff  is  the  author  of  The  Law  of 
Telecommuting  and  Telecommuting  for  Lawyers 
and  an  advisory  board  member  of  The  Telework 
Coalition.) 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  11 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  hr  verification. 


nww.com 


Readers  respond  Find  out  what  readers  are  saying  about  these  and  other  topics. 

www.nwdocfinder.Gom/1030 


4.17.06  •  www.networkworld.com  •  37 


TOTALLY  UNPLUGGED 
Ira  Brodsky 


ABOVE  THE  CLOUD 
James  Kobielus 


Wireless  and  the  great  indoors 


With  mobile  phone  service  available  in  more 
than  210  countries,  blanketing  most  major 
cities,  you  might  think  rural  areas  are  the 
top  priority  for  extending  wireless  coverage. 

You  would  be  wrong. There  is  an  urgent  need 
for  better  wireless  coverage  much  closer  to 
home.  In  fact,  it’s  inside  the  home  —  and  all 
other  buildings. 

There  are  now  more  wireless  phone  subscribers 
worldwide  than  wireline  phone  subscribers.  In 
developing  countries, a  mobile  phone  is  often  the 
users  first  phone.  In  developed  countries,  a  grow¬ 
ing  number  of  consumers  and  enterprises  are 
making  mobile  phones  their  primary  phones. 

In  other  words,  what  started  as  a  car  phone  for 
the  rich  is  now  a  personal  voice/data  communi¬ 
cator  for  roughly  one-third  of  the  earths  inhabi¬ 
tants.  Pbople  take  their  mobile  phones  every¬ 
where  and  expect  them  to  work  everywhere  — 
in  homes,  office  buildings,  hotels,  convention 
centers  and  even  subways.  Outdoor  cell  sites,  by 
themselves,  will  probably  never  provide  ade¬ 
quate  indoor  coverage.  Office  buildings  often 
contain  steel,  thermal  windows  and  other 
materials  that  attenuate  radio  signals.  Homes 
can  be  obstructed  by  hills  and  foliage.  Plus,  high¬ 
speed  services  such  as  streaming  video  and 
downloading  games  require  better  signals,  so  a 


building  with  acceptable  voice  coverage  may 
exhibit  unacceptable  data  coverage. 

The  network  industry  is  responding  to  this 
challenge  in  different  ways,  and  it  will  be  inter¬ 
esting  to  see  how  it  plays  out.  Companies  such  as 
ADC,  Andrew  Corp.,  Comba  Telecom,  Dekolink 
and  LGC  Wireless  are  providing  coverage  inside 
midsize  to  large  facilities  using  repeaters  and 
distributed  antennas. 

The  Nextel  side  of  Sprint-Nextel  has  been  par- 

. . .  consumers  and 
enterprises  are  making 
mobile  phones  their 
primary  phones. 

ticularly  aggressive  in  convincing  enterprises  to 
use  its  mobile  phones  indoors.  Push-to-Talk  and 
Talkgroup  features  make  Nextel’s  service  an  espe¬ 
cially  good  fit  for  enterprise  users.The  firm  works 
with  infrastructure  suppliers  to  ensure  coverage 
throughout  a  customers  premises  using  repeaters 
or  micro  base  stations. 

In  addition,  wireless  LAN  (WLAN)  and  mobile 
phone  industries  are  jointly  addressing  the  in¬ 
building  challenge.WLAN  makers  are  adding  VoIP 


to  their  products  while  mobile  phone  manufac¬ 
turers  are  adding  Wi-Fi  to  handsets.  Cellular  infra¬ 
structure  suppliers  are  developing  solutions  for 
handing  calls  and  data  sessions  back  and  forth 
between  mobile  phone  networks  and  WLANs. 

People  are  not  only  relying  more  on  mobile 
phones,  some  are  disconnecting  their  wireline 
phones.  But  they  have  to  have  coverage  through¬ 
out  the  entire  home  —  basement  included. 

Ensuring  mobile  phone  coverage  inside 
homes  is  a  unique  challenge.  WLANs  are  popu¬ 
lar  for  sharing  high-speed  Internet  connections 
in  homes,  making  the  converged  approach 
attractive.  Some  vendors  are  developing  pico 
base  stations  for  homes,  but  these  tend  to  be 
expensive.  A  third  solution,  using  low-cost 
repeaters,  can  only  be  done  in  close  collabora¬ 
tion  with  mobile  phone  operators  because  it’s 
their  licensed  spectrum  that’s  being  reused. 

People  spend  most  of  their  time  inside  build¬ 
ings.  So  it’s  no  surprise  consumers  and  enter¬ 
prise  users  demand  seamless  wireless  voice  and 
data  coverage  indoors  and  outdoors.  What’s  sur¬ 
prising  is  that  it  has  taken  this  long. 

Brodsky  is  president  of  Datacomm  Research 
Co.  of  St.  Louis.  He  can  be  reached  at  ibrod 
sky@datacommresearch.  com. 


DRM  will  prevail,  like  it  or  not 


Digital  rights  management  is  a  technology 
with  many  ideological  enemies.  DRM  got  a 
black  eye  in  the  business-to-consumer  mar¬ 
ket  recently  from  such  public  relations  fiascos  as 
Sony’s  XCP  rootkit.  In  that  incident,  the  media 
giant  inadvertently  violated  users’  desktop  securi¬ 
ty  in  an  ill-conceived  effort  to  enforce  CD-music 
anti-piracy  controls. 

Don’t  let  the  anti-DRM  hysteria  fool  you  into 
thinking  the  technology  is  on  the  decline  or  that 
it  won’t  be  widely  deployed.  DRM  isn’t  evil.  It’s 
coming  on  strong  from  many  directions,  with 
DRM  vendors  developing  many  innovative 
approaches  —  most  of  which  don’t  involve  root- 
kits.  Some  DRM  vendors  wrap  access  and  usage 
policy  around  downloadable  content,  while  oth¬ 
ers  enforce  DRM  controls  at  access  management 
portals  or  in  the  firmware  of  content  streaming  or 
playback  clients. 

It’s  only  a  matter  of  time  before  DRM, in  various 
forms,  plays  a  role  in  many  information 
exchanges  over  the  Internet  and  within  corpo¬ 
rate  environments.  It  has  gained  significant  atten¬ 
tion  in  the  business  world  as  a  tool  for  ensuring 
life-cycle  controls  on  access  to  sensitive  mes¬ 
sages  and  documents.lt  is  being  used  to  enforce 
security  classifications  on  internally  distributed 
materials  within  organizations.  It  also  is  being 
used  to  keep  tabs  on  who  accesses  what  infor¬ 
mation  and  to  prevent  users  from  performing 
certain  document  functions  —  such  as  printing, 
copying/pasting  and  forwarding  —  forbidden  by 
the  content’s  owners. 

EMC’s  recent  acquisition  of  DRM  pioneer 


Authentica  is  a  significant  industry  development. 
EMC  is  a  leader  in  the  data  storage  market  but 
also  owns  leading  content  management  and  col¬ 
laboration  product  families:  Documentum  and 
eRoom,  respectively  Don’t  be  surprised  to  see 
EMC  embed  Authentica’s  DRM  technology  across 
all  of  its  hardware  and  software  products,  thereby 
providing  a  unified  policy  environment  for  con¬ 
tent  owners  to  enforce  life-cycle  controls  on  user 
access  to  storage,  folders,  documents,  messages 
and  other  content  containers. 

Microsoft,  another  powerful  DRM  supporter,  is 
embedding  its  own  technology  in  its  products, 

DRM  vendors  [are]  devel¬ 
oping  many  innovative 
approaches  —  most  of 
which  don’t  involve  rootkits. 

including  Windows  Vista,  Office  and  various  serv¬ 
er-based  software  packages. 

Software  activation  is  another  area  where 
DRM  technology  is  being  applied  widely  in  the 
corporate  world. Software  activation  DRM  tools 
let  developers  enforce  a  wide  range  of  controls 
on  distribution,  installation  and  usage  of  their 
products. 

Anyone  who  takes  a  purely  ideological  stand 
against  DRM  should  heed  the  words  of  a  software 
developer  whose  commitment  to  open  code  is 
unimpeachable:  Linux  kernel  developer  Linus 
Torvalds.  In  January  Torvalds  went  on  record  as 
opposing  the  anti-DRM  restrictions  that  have 


been  proposed  for  GNU  General  Public  License 
Version  3  (GPLv3),  which  is  used  in  many  open 
source  projects.  Some  had  proposed  that  GPLv3 
prevent  GPL-licensed  open  source  software  from 
being  used  in  DRM  copy-protection  software. 

Torvalds  —  being  a  software  developer  —  is 
also  a  publisher  (of  program  code). One  of  a  pub¬ 
lisher’s  primary  interests  is  to  ensure  that  con¬ 
sumers  can  verify  the  authenticity  and  integrity  of 
their  published  works.  That  depends  on  a  crypto 
feature  called  digital  signatures,  which  requires 
that  content  originators  secure  their  private  sign¬ 
ing  keys. 

So  the  following  statement  from  Torvalds,  com¬ 
menting  on  a  proposed  anti-DRM  feature  of  the 
GPLv3  license,  makes  perfect  sense:  “I  think  it’s 
insane  to  require  people  to  make  their  private 
signing  keys  available,  for  example.  I  wouldn’t  do 
it,”  he  wrote. “So  I  don’t  think  the  GPL  v3  conver¬ 
sion  is  going  to  happen  for  the  kernel.” 

Before  long,  we’ll  see  the  anti-DRM  hysteria  die 
down  and  be  replaced  by  grudging  widespread 
acceptance  of  the  technology  Many  open  source 
developers  will  become  fervent  DRM  supporters. 
They  will  deploy  the  technology  to  ensure  that 
their  authorship  of  software  components  is 
always  and  everywhere  visible,  even  if  they  never 
make  a  dime  from  their  work. 

Kobielus  is  a  principal  analyst  at  Current  Analysis 
in  Alexandria,  Va.  He  can  be  reached  at  ( 703)340 - 
813  or  jkobielus@currentanafysis.com.  Tune  into 
his  blog  at  http://jkobielus.blogspot.com.  The 
opinions  expressed  are  his  own. 


SBC  traffic  cop’  controls 
VoIP  streams  at  the  border 


BY  EDWIN  MIER,  ANTHONY  MOSCO,  ROBERT  TARPLEY  AND  ROBERT  SMITHERS,  NETWORK  WORLD  LAB  ALLIANCE 

Is  there  a  session  border  controller  in  your  enterprises  VoIP  future?  If  you’re 
looking  to  expand  your  organization’s  VoIP  reach  —  to  VoIP-based  service 
providers,  to  other  enterprises  or  even  to  VoIP-interconnected  distributed 
sites  via  the  Internet  —  there  very  well  may  be. 


Functionally  an  SBC  is  a  traffic  cop:  It  facilitates  and 
mediates  VoIP  flows  in  real  time,  in  both  directions  between 
private  VoIP  domains:  an  enterprise  and  a  VoIP-based  ser¬ 
vice  provider  —  the  environment  we  tested  here  —  or  two 
service  providers.  SBCs  came  of  age  by  providing  peering 
connectivity  between  different  carriers’ VoIP  services  and 
only  recently  have  begun  penetrating  enterprises. 

There  is  no  universal  job  description  for  an  SBC. Certainly 
there  has  to  be  versatile  handling  ofVoIP  call-control  proto¬ 
cols,  such  as  Session  Initiation  Protocol  (SIP)  and  H.323, 
especially  amid  different  firewall  and  network  address 
translation  (NAT)  configurations.  And  there  needs  to  be 
some  security  safeguards  —  hiding  the  network  topology 
of  the  private  network,  for  example.  But  overall,  SBCs  are 
complex  and  costly  components,  coming  from  diverse 
backgrounds  and  offering  widely  varying  capabilities. 

We  invited  more  than  a  dozen  vendors  who  were  touting 
new  SBC  wares  earlier  this  year  to  submit  their  packages  for 
testing  in  Miercom’s  New  Jersey  lab.  Four  accepted  our 
challenge  for  this  feature-based  testing:  Ditech  Com¬ 


munications,  Ingate  Systems,  Mera  Systems  and  NexTone 
Communications. 

Despite  many  differences  in  the  feature  sets  of  these  prod¬ 
ucts  (see  “What  SBCs  do,”  page  44),  their  general  orienta¬ 
tions  lie  in  a  few  similar,  basic  areas,  including  VoIP  call  han¬ 
dling,  QoS  handling  and  security  capabilities.  Based  on  our 
assessment  in  these  areas,  our  Clear  Choice  Test  Award 
goes  to  NexTone’s  package,  the  Multiprotocol  Session 
Controller  (MSC)  coupled  with  its  iView  Management 
System  (iVMS).  NexTone’s  dynamic  VoIP  session  control, 
real-time  monitoring  with  active  error  and  threshold-limit 
notification,  calhlevel  reporting  system,  and  integrated  fire¬ 
wall  features  make  it  the  best  of  the  enterprise-focused 
SBCs  we  tested.  We  note,  though,  that  the  NexTone  package 
costs  considerably  more  than  the  competition  (more  than 
$100,000,  compared  with  $25,000  to  $38,000  for  the  others). 

NexTone  Communications 

One  strength  of  NexTone’s  Linux-based  MSC  was  its 
exceptional  management  and  reporting, augmented  by  the 


How  we  did  it 
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The  session  border  controller  (SBC)  test  bed  consist¬ 
ed  of  simulated  enterprise  and  carrier  sites,  con¬ 
nected  by  aT-1  IP  WAN  link.The  network  infrastruc¬ 
ture  at  both  sites  consisted  of  Extreme  Networks 
Summit48  L2  and  L3  switch/routers. Each  SBC  tested  was 
configured  and  inserted,  one  at  a  time,  into  the  test  bed. 
The  same  carrier-side  SBC,  a  leading  carrier-class  SBC 
from  Sansay, the  VSX,  Release  6.7.2,  was  used  in  all  cases. 

A  T-l  of  simulated  Session  Initiation  Protocol  (SIP) 
traffic  was  generated  and  delivered  from  the  carrier  side 
by  Touchstone  Industries’ WinSIP  (Version  2.4.7)  traffic 
generator.  Another  T-l  of  simulated  SIP  traffic  was  gen¬ 
erated  from  a  Spirent  Abacus  5000  (Version  3.2)  SIP  traf¬ 
fic  generator  from  inside  the  enterprise.  These  enter¬ 
prise  calls  were  terminated  at  their  respective  matching 
endpoints  at  the  carrier  site  across  the  WAN  link.  For 
consistency,  all  SIP  calls  and  traffic  from  the  enterprise 
had  to  traverse  the  Sansay  VSX  carrier  SBC.  This  also 
provided  a  rudimentary  view  of  SBC  interoperability. 


Tests  were  performed  to  assess  each  SBC’s  ability  to 
handle  standard-SIP  calls,  and  G.711-  and  G-729-encod- 
ed  Real-time  Transport  Protocol  (RTP)  VoIP  streams.The 
SBCs  were  set  to  pass  the  traffic  as  sent.  Voice  quality 
was  measured  using  automated  International 
Telecommunication  Union-standardized  PESQ,  PESQ- 
LQ  and  R-factor  algorithms.  Also  measured  were  jitter, 
call-setup  time  and  one-way  latency  In  addition,  if  sup¬ 
ported,  the  SBC’s  ability  to  transcode  the  traffic  to  the 
simulated  carrier  was  also  tested. 

Our  intent  with  this  testing  was  to  verify  features  and 
gauge  the  effects  of  SBC  processing  on  VoIP  traffic  flows. 
The  load  we  applied  was  a  modest  T-l’s  worth,  a  few 
dozen  concurrent  calls  in  both  directions.  These  prod¬ 
ucts  could  reasonably  be  expected  to  handle  hun¬ 
dreds,  perhaps  even  thousands,  of  concurrent  calls. 
Users  shopping  for  an  SBC  will  need  to  assure  that  call 
volumes  at  and  beyond  anticipated  loads  are  support¬ 
ed  on  a  sustained  basis. 


A  word  on  performance 

In  this  inaugural  test  of  session  border  controllers 
(SBC),  it  was  not  our  intent  to  get  into  the  minu¬ 
tiae  of  product  performance,  because  SBCs 
have  disparate  feature  sets  and  deployment 
options.  That  said,  we  can  make  some  general 
assessments  about  SBCs  based  on  the  results  of 
our  sending  modest  levels  of  Session  Initiation 
Protocol  call  traffic  through  them.  SBCs1  effects 
on  call  quality  varied  from  essentially  no  degrada¬ 
tion  (mean  opinion  score  [MOS]  of  4.5,  R-factor  of 
93)  to  measurable  degradation  (MOS  of  3.9,  R-fac¬ 
tor  of  85).  SBCs  also  could  add  to  call-setup  time 
and  latency;  the  extent  appears  to  vary  based  on 
the  power  of  the  SBC  hardware  platform. 


powerful  routing  engine  of  the  optional  iVMS.  NexTone 
could  be  set  up  to  adapt  dynamically  and  to  alter  opera¬ 
tional  behavior  involving  admission  control,  routing  priori¬ 
ties  and  bandwidth  allocation,  based  on  fluctuating  net¬ 
work  conditions  and  changed  user  or  application  behav¬ 
ior.  For  example,  we  observed  how  the  system  can  be  set  up 
to  divert  traffic  from  low-cost  VoIP  carrier  A  to  carrier  B,  if 
the  quality  measurements  of  calls  via  carrier  A  drop  below 
established  thresholds.  Also,  the  parameters  that  users  can 
apply  for  routing  decisions  by  NexTone’s  MSC  are  broader 
and  include,  for  example,  user  profile,  time  of  day  and 
desired  QoS  —  the  example  cited  earlier. 

The  iVMS  allows  routing  and  rerouting  of  calls  among 
carrier  services  and  trunks,  and  serves  up  extensive  VoIP- 
quality  reporting,  including  statistics  on  average  call  dura¬ 
tion  and  postdial  delay  We  exercised  the  routing  capabili¬ 
ties  of  this  product  by  setting  up  multiple  trunk  groups  and 
changing  conditions  to  cause  rerouting.  One  way  was  to 
unplug  a  gateway  and  see  if  calls  would  reroute  if  there  was 
a  viable  alternate  path.  In  another  case  we  intentionally 
oversubscribed  the  amount  of  bandwidth  allocated  in  Call 
Admission  Control,  to  ensure  the  overflow  calls  would  be 
blocked.  In  both  cases,  the  NexTone  product  worked  as 
advertised. 

Another  capability  of  NexTone’s  SBC  is  that  it  offers 
seamless  connectivity  between  SIP  phones  and  applica¬ 
tions  and  H.323-based  IP  PBXs.This  feature  lets  users  con¬ 
nect  their  existing  legacy  VoIP  environments  —  which  are 
mostly  H.323-based  —  to  VoIP-based  carrier  services  — 
which  are  mostly  SIP-based.We  tested  the  MSC’s  role  in  this 
process  by  placing  a  VoIP  call  between  an  H.323  and  a  SIP 
endpoint,  and  verified  that  it  worked  —  connection  setup 
and  quality  were  good  —  despite  the  mismatch  in  call- 
control  protocols. 

For  security  NexTone  does  token-based  bandwidth  throt¬ 
tling  of  sessions  that  exceed  a  set  threshold,  with  stepped 
reinstatement.  Both  are  sophisticated  mechanisms  for  pro¬ 
tecting  against  incorrect  or  unauthorized  IP  traffic,  which 
could  be  denial-of-service  (DoS)  attempts.  There  can  be 
multiple  cycles  of  allowing  or  reinstating  a  suspect  to  see 
whether  their  intentions  are  legitimate.  NexTone  also  can 
tell  whether  there  is  a  mismatched  address  in  the  call-setup 
process,  which  normally  would  prevent  call  setup  or  indi- 

See  SBC,  page  41 
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MAXIMUM  SYSTEM  PERFORMANCE 


Getting  To  The  Bottom  Of  Common  Reliability  Problems 


Top  5  reasons  customers  use  Diskeeper 

Performance  and  Reliability _ 


83% 


“Set  It  and  Forget  It”  operation 


83% 


Much  superior  to  built-in  defragmenter 


44% 


Longer  server  life  with  less  maintenance 


44% 


Fast  back-ups  and  antivirus  and/or  spyware  scans 


35% 


From  Diskeeper  Customer  Survey  -  Read  the  full  survey  at: 
www. diskeeper.com  /  survey 


As  an  IT  Professional,  you 
know  the  importance  of 
maintaining  system  per¬ 
formance  and  reliability. 
If  the  desktops  or  servers  crash, 
slow  down  or  freeze,  who  gets 
called?  That’s  right... you  or 
your  IT  staff.  This  ‘Toreak-fix” 
cycle  leaves  you  little  time  to  be 
proactive.  And  yet,  many  of 
these  issues  stem  from  a  single, 
hidden  source. 

Reliability  issues  commonly 
traced  to  disk  fragmentation. 

The  most  common  problems 
caused  by  file  fragmentation 
are: 

•  Crashes  and  system 
hangs/freezes 

•  Slow  boot  times  and  boot 
failures 

•  Slow  back  up  times  and 
aborted  backup 

•  File  corruption  and  data  loss 
•  Errors  in  programs 
•  RAM  use  and  cache  issues 
•  Hard  drive  failures 

Having  files  stored  contigu¬ 
ously  on  the  hard  drive  is  a  key 
factor  in  keeping  a  system 
stable  and  performing  at  peak 
efficiency.  The  moment  a  file  is 
broken  into  pieces  and  scat¬ 
tered  across  a  drive,  it  opens 
the  door  to  a  host  of  reliability 
issues.  Even  a  small  amount  of 
fragmentation  in  your  most 
used  files  can  lead  to  crashes, 
conflicts  and  errors. 

(GET  THE  PROOF  HERE: 
www.diskeeper.com  /paper) 


The  weak  link 
in  today’s  computers 

The  disk  drive  is  by  far  the 
slowest  of  the  three  main  com¬ 
ponents  of  your  computer: 
CPU,  memory  and  disk.  The 
fastest  CPU  in  the  world  won't 
improve  your  system's  per¬ 
formance  if  the  drive  is  frag¬ 
mented,  because  data  from  the 
disk  simply  can't  be  accessed 
quick  enough. 

Is  Daily  Defragmentation 
Needed  in  today’s  environment? 

More  than  ever!  Large  disks, 
multimedia  files,  applications, 
operating  systems,  system 
updates,  virus  signatures  -  all 
dramatically  increase  the  rate 
of  fragmentation.  If  fragmenta¬ 
tion  is  not  addressed  daily, 
system  performance  will  suffer. 
Fragmentation  increases  the 


time  to  access  files  for  all 
common  system  activities  such 
as  opening  and  closing  Word 
documents,  searching  for 
emails,  opening  web  pages  and 
performing  virus  scans.  To  keep 
performance  at  peak,  defrag¬ 
mentation  must  be  done  daily. 


Advanced,  automated 
defragmentation 

Manually  defragmenting 
every  system  every  day  is 
simply  not  possible  in  even 
small  networks  let  alone  enter¬ 
prise  sites.  IT  Managers  use 
Diskeeper’s  “Set  It  and  Forget 
It”®  operation  for  automatic 
network-wide  defragmenta¬ 
tion.  Customers  agree 
Diskeeper  maintains  the  per¬ 
formance  and  reliability  of 
their  desktops  and  servers, 
even  reducing  maintenance 
and  increasing  hardware  life. 

“We  run  [Diskeeper]  on  our 
client  PC’s  as  well  as  our 
servers... with  Diskeeper 
running  daily,  we  can  keep  file 
performance  at  peak  efficiency.” 

Tom  Hill,  CDR  Global,  Inc. 

Every  system  on  your  network 
needs  Diskeeper,  the  Number 
One  Automatic  Defragmenter™ 
with  over  18  million  licenses  sold! 


The  Number  One  Automatic  Defragmenter 


Special  Offer 


,V: 


Try  Diskeeper  10  FREE  for  45  days! 

Download:  www.diskeeper.com/nwmax 

(Note:  Special  45-day  trialware  is  only  available  at  the  above  link) 

Volume  licensing  and  Government  /  Education  discounts  are 
available  from  your  favorite  reseller  or  call  800-829-6468  code  4352 


Sponsored  by: 


©2006  Diskeeper  Corporation.  All  Rights  Reserved.  Diskeeper,  The  Number  One  Automatic  Defragmenter,  “Set  It  and  Forget  It"  and  the  Diskeeper 
Corporation  logo  are  registered  trademarks  or  trademarks  of  Diskeeper  Corporation  in  the  United  States  and/or  other  countries.  Diskeeper 
Corporation  •  7590  N.  Glenoaks  Blvd.  Burbank,  CA  91504  •  800-829-6468  •  www.diskeeper.com 
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“SUNGARD  REHEARSED  SCENARIOS 


WITH  US  A  COUPLE  OF  TIMES  A 


YEAR.  SO  WHEN  KATRINA  HIT, 

I  KNEW  OUR  DISASTER  RECOVERY 


PLAN  WOULD  WORK.” 


—  Harold  Aucoin,  COO 
Gilsbar,  Inc. 


When  it  comes  to  being 
prepared  for  unplanned  IT 
interruptions,  you  need  to 
know  your  systems  are  either  always 
available  or  can  be  quickly  recovered. 
That’s  where  SunGard’s  Information 
Availability  solutions  can  help.  We 
deliver  the  secure  data,  systems, 
networks  and  support  you  require  to 
help  your  business  stay  in  business. 
Because  your  employees,  suppliers 
and  customers  rely  on  you  to  be 
available  every  minute  of  every  day, 
you  need  continuous  access  to 
information  no  matter  what  —  you 
need  Information  Availability. 

For  over  25  years,  businesses  have 
turned  to  SunGard  to  restore  their 
systems  when  something  went 
wrong.  So,  it’s  not  surprising  that 
they  now  turn  to  us  to  give  them 
options  to  make  sure  they  never  go 
down  in  the  first  place.  Plus, 
SunGard  offers  solutions  that  let 
you  remain  in  control  of  your  IT 
environment  and  enjoy  the  flexibility 
required  to  adjust  to  the  changing 
needs  of  your  business. 


SunGard  has  a  wide  range  of  solutions  ranging  from  recovery  to  redundancy  that  address  your  enterprise-wide  requirements. 
Here  are  just  a  few  of  those  solutions: 

System  Recovery,  Mobile  Recovery,  Network  Recovery  and  End-User  Recovery  Services  help  you  get  back  up  quickly 

when  disaster  strikes.  And  when  combined  with  our  Server  Replication  and  Vaulting  for  Distributed  Systems  services, 
you  can  reduce  downtime  and  your  costs  by  25%*. 

Server  Replication.  If  your  server  is  unavailable,  for  whatever  reason,  you  can  have  a  fast  and  easy  recovery  of  your 
Microsoft®  Windows®-based  applications  from  the  replicated  servers  located  at  a  SunGard  facility.  When  your 
applications,  such  as  databases,  e-mail,  and  file  servers,  need  to  be  recovered  in  less  than  24  hours.  Server 
Replication  gives  you  data  center  redundancy  without  the  high  cost  of  building  your  own  secondary  facility. 

Vaulting  for  Distributed  Systems  provides  customers  with  an  automated  and  secure  process  for  critical  data  backup. 
Vaulted  data  is  available  for  easy  recovery  of  production  files.  The  logistics  and  time  needed  foY  restoring  data  to 
backup  systems,  whether  for  testing  or  recovery,  are  greatly  improved. 


Your  job  is  to  keep  systems  and  applications  running.  Our 
mission  is  to  keep  people  and  information  connected.  Let’s  work 
together.  To  learn  more,  contact  us  at  1-800-468-7483  or  go  to 

www.availability.sungard.com/masteria  and  get  your  free  copy  of 

the  book  “Mastering  Information  Availability.” 

*25%  figure  based  on  the  IDC  White  Paper,  “Ensuring  Information  Availability:  Aligning  Customer 
Needs  with  an  Optimal  Investment  Strategy.”  Actual  savings  may  vary  depending  on  services  selected 


SUNGARD 
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NetResults 
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Product 

NexTone  Multiprotocol 
Session  Controller 
(MSC)  and  iView 
Management  System 
(iVMS) 

lngate  SIParator  60 

Mera  VoIP  Transit 
Softswitch 

Vendor 

NexTone 

Communications 

www.nextone.com 

lngate  Systems 

www.ingate.com 

Mera  Systems 

www.mera- 

systems.com 

Price 

From  $46,000  to 

nnn  f  nr 

$25,630  for  system 
tested  (1,000  registered 
callers),  including 
remote-Session 

Initiation  Protocol 
(SlP)-connectivity, 
advanced-SIP-routing, 
VolP-survival  and  QoS 
optional  modules. 

$38,400  for  system 
tested  (300  concurrent 
calls);  all-software 
product  (Linux-based). 

NETWORKWORLDlHV 

1  CLEAR  CHOICE  |(pl 

•  and  options; 

iVMS  base  product 
starts  at  $85,000. 

Pros 

Great,  detailed  reports 
on  call  quality  and 
performance  statistics; 
best  administration, 
including  alarms  and 
provisioning;  H.323 
handling,  interworking 
with  SIP;  rich  and 
flexible  call-routing 
configurability. 

Full-featured,  flexible, 
integral  firewall;  can 
deploy  with  existing, 
legacy  firewall;  various 
network  address 
translation  (NAT) 
environments 
supported  (via  optional 
module). 

Broadest  VoIP  protocol 
support;  full 
transcoding;  supports 
several  redundancy 
configurations;  rich  call¬ 
routing  capabilities. 

Cons 

No  transcoding;  high 
price  tag. 

No  H.323  support;  no 
transcoding;  limited 
VolP-quality  and  trend 
reporting. 

Limited  security  (no 
direct  protection  from 
denials-of-service 
attacks;  no  firewall 
capabilities). 

Score 

4.2 

3.6 

3.4 

Ditech  PeerPoint  C100 

Ditech 

Communications 

www.ditechcom.com 

$27,000  for  system 
tested  (250  concurrent 
calls). 


Flexible  configuration, 
including  NAT-traversal 
support;  straight 
forward  installation; 
special  Microsoft  Live 
Communications 
Server  (SIP)  support; 
VoIP  encryption  (Secure 
Real  Time  Transport 
Protocol),  special 
support  for  VoIP 
conference  servers. 

SIP-only  protocol 
support;  no  integral 
firewall;  limited  VolP- 
quality  reporting. 

3.4 


The  Breakdown 


VoIP  handling  40% 
Configuration  20% 
Security  20% 


Additional  features  20% 


Tttal  score 

Scoring  Koy:  5:  Exceptional:  t 


NexTone  Multiprotocol 
Session  Controller  and  iVMS 

4 

4 

4 


Ingate  SIParator  60 


4 

3 


4 

3 


4.2  3.6 

:  Very  good:  3:  Average:  2:  Below  average;  1:  Subpar  or  not  available 


Mera  VoIP  Transit  Softswitch 


3.4 


Ditech  PeerPoint  C100 

3 

4 
4 
3 

3.4 


cate  a  possible  threat.  In  this  case  NexTone  will  send  call- 
control  information  to  the  source  address  —  where  the 
request  actually  came  from  —  to  set  up  an  audio  path  and 
ignore  what  is  the  incorrect,  possibly  spoofed  originating 
address.  Here,  the  NexTone  package  must  take  over  routing 
of  the  call,  which  it  can  do  only  because  it  can  assume  full 
SIP  call  control. 

The  downside  to  this  product  is  its  complexity.  Installation 
and  configuration  require  an  onsite  NexTone  team,  who 
configure  the  system  to  be  left  on  its  own.  NexTone  strong¬ 
ly  suggests  the  NexTone  University  for  training  additional 
customer  personnel  who  will  configure  and  tune  the  sys¬ 
tem.  Also,  unlike  some  competitors,  NexTone’s  package 
does  not  interact  with  any  existing  or  legacy  firewalls.This 
can  be  a  major  shortcoming  for  an  organization  that’s  com¬ 
fortable  with  its  embedded  firewalls. 

Ingate  Systems 

The  strength  of  the  Ingate  SIParator  60  SBC  centers  on  its 
solid  firewall  platform,  which  works  with  existing,  legacy 

firewalls. 

The  Ingate  firewall  is  SIP-aware,  which  means  it  under¬ 
stands  and  accommodates  SIP  protocol  flows  for  opening 
and  closing  ports,  address  translation  and  so  on.  The 
SIParator  is  especially  clear  in  its  setup  choices.  You  can 
configure  it  to  handle  just  VoIP  (while  having  another  fire 
wall  handle  all  other  firewall  functions)  or  to  handle  all 
firewall  processing.Theres  no  underlying  H.323  support  — 
it’s  SIP-only  —  but  the  base  firewall  has  been  extended  con¬ 
siderably  with  SIP-based  VoIP  features. 

We  spent  the  bulk  of  our  testing  time  focused  on  how 
SIParator’s  firewalling  integrated  with  its  QoS  capabilities. 
For  example,  we  examined  its  ability  to  recognize  and 
appropriately  handle  type  of  service  and  Differentiated 
Services  values.  We  went  through  screens  and  configura¬ 
tion  for  categorizing  call  types  into  queues  with  different 
threshold,  QoS  and  priority  settings.  We  confirmed  the  sys¬ 
tem  marked  and  handled  traffic  as  expected. 

Ingate  has  detailed  SIP-configuration  settings,  so  it  is  rich 
in  that  regard,  but  understanding  and  applying  the  appro¬ 
priate  settings  requires  more  than  typical  knowledge  of 
VoIP  in  general  and  SIP  in  particular,  especially  if  you  need 
to  integrate  the  Ingate  system  to  work  with  an  existing  fire¬ 
wall.  Online  help  is  available  on  a  screen  basis,  but  that  can 
still  be  a  pretty  awesome  task  and  entails  dozens  of  techni¬ 
cal  settings.  We  checked  the  configuration  screens,  docu¬ 
mentation  and  online  help  to  make  sure  that  it  was  clear 
how  to  attach  this  system  behind  a  legacy  firewall, split  data 
from  VoIP  handling  tasks  and  route  between  the  two.  We 
did  not  integrate  this  unit  with  any  legacy  firewall  as  far  as 
our  test  process.  We  saw  that  deploying  it  in  this  manner 
was  supported  and  documented. 

There’s  also  a  full  SIP  proxy  server  on  board  the  Ingate 
box, which  allows  it  to  participate  in  SIP  call  control. An  SBC 
normally  is  not  expected  to  interfere  with  or  modify  the  SIP 
calling  information.  By  containing  a  full  SIP  proxy  server, 
however,  the  SBC  can  apply  a  higher  level  of  oversight  and 
involvement  in  SIP  operations.  For  example, as  a  proxy  serv¬ 
er,  the  lngate  SBC  can  rewrite  the  SIP  header  of  inbound 
and  outbound  call-setup  messages  on  the  fly  to  accommo¬ 
date  particular  SIP  domain  names  and  name  changes. 

The  Ingate  product  offers  no  trend  reporting,  no  call- 
quality  reporting  and  no  per-call  quality  assessment. 
Ingate  monitors  what  is  going  on  and  provides  real¬ 
time  data,  such  as  number  of  active  calls  and  ports 
open,  but  it  does  not  address  any  sort  of  cumulative 


data  collection  or  reporting.  The  administrator  of  the 
SIParator  can  access  a  monitoring  GUI,  but  what  is 
available  is  limited  andreported  in  real  time;  it  might 
help  troubleshooting  somewhat,  but  not  in  facilitating 
any  kind  of  trend  reporting. 

Near-  and  far-end  NAT-traversal  support  make  the  lngate 
product  adept  at  getting  VoIP  calls  through  to  the  right  des¬ 
tination,  even  with  different  near-  and  far-end  firewall  and 
NAT  configurations  in  place.The  lngate  SIParator  also  offers 
redundancy  and  VoIP  survival  features,  such  as  alternate 
gateways,  backup  registration  for  callers,  domain-availabili¬ 
ty  checking  and  fallback  rerouting.  It  is  also  tightly  integrat¬ 
ed  with  Microsoft  Live  Communication  Server  2005,  for 
handling  VoIP  in  conjunction  with  video,  IM  and  presence 
applications. 

Mera  Systems 

Mera  Systems’  Mera  VoIP  Transit  Softswitch  (MVTS)  soft¬ 
ware-only  SBC  began  life  as  a  softswitch  and  is  extremely 


rich  in  supported  VoIP  call-handling  protocols  and  fea¬ 
tures.  MVTS  runs  atop  Red  Hat  Linux  9  on  almost  any 
high-end  server  platform  (the  more  the  better,  as  far  as 
RAM  and  gigahertz). 

Sophisticated  call  routing  through  this  product  employs  a 
panoply  of  criteria,  including  time  of  day  QoS  and  prece¬ 
dence, and  route  load. Of  the  products  tested.Mera  supports 
the  most  complete  transcoding  —  on-the-fly  conversion 
between  high-bandwidth  G.711  VoIP  Real-time  Transport 
Protocol  (RIP)  streams  and  low-bandwidth  G.729  streams. 
A  host  of  other  vocoders  also  are  supported.  SIP  to  H.323 
translation  is  akin  to  the  seamless  gateway  interworking  that 
NexTone  provides.To  test  the  translation  capabilities  of  the 
Mera  product,  we  placed  calls  through  it  between  an  H.323 
endpoint  and  a  SIP  endpoint  on  the  other  side  and  con¬ 
firmed  that  these  features  worked  as  advertised. 

Mera’s  software  collects  a  lot  of  useful  details  about  VoIP 
traffic  and  activity  It  can  collect  and  display  dozens  of  para- 

See  SBC,  page  44 
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continued  from  page  41 

meters  about  each  call.  These  are  stored  in  detailed  logs, 
but  in  a  confusing  Linux-style  format,  which  frustrates  the 
useful  consolidation  and  consumption  of  this  data.  While 
the  product  provides  a  lot  of  data, you've  got  to  extract  it  in 
an  ASCII  log  file  via  command-line  entry.  It’s  by  no  means  a 
neat,  legible  graphical  presentation  of  the  information.  It 
also  doesn’t  provide  much  in  terms  of  formatted  reports  or 
trend  analysis. 

Another  shortcoming  of  the  Mera  package  is  security: 
There  are  no  firewall  capabilities  and  no  direct  protection 
from  a  DoS  attack,  for  example.  Enterprise  users  consider¬ 
ing  the  Mera  package  will  need  to  address  firewall  and 
intrusion-prevention  system  security  separately 

Ditech  Communications 

Ditech’s  PeerPoint  C.100  is  a  Linux-based  appliance  that 
supports  only  SIP-based  call  control.  Beyond  VoIP  call  han¬ 
dling,  this  SBC  provides  rich  firewall  capabilities,  as  well  as 
strong  DoS-attack  handling. 

Many  of  these  security  features  were  demonstrated  on 
monitored  calls  and  showed  a  detailed  level  of  settings  for 
automatic  protection.  DoS-attack  profiles  can  be  created 
based  on  standard  Internet  protocols  or  detected  call  trans¬ 
mission  rates.  SIP  protocol  header  fields  also  can  be  filtered 


actively  to  prevent  details  of  the  internal  network  from 
being  broadcast  to  the  Internet.  Intelligent  monitoring  is 
used  by  the  Cl 00  to  flag  and  monitor  suspect  incoming 
connections.The  monitoring  uses  active  scorekeeping  and 
configurable  timers  to  identify  problem  connections  from 
an  incoming  client,  who  is  then  incrementally  prevented 
and  optionally  reinstated  for  access  back  into  the  local  net¬ 
work.  This  process,  which  can  be  configured  by  combina¬ 
tions  of  IP  address,  port  number  and  dynamic  message  fail¬ 
ure  ratios,  performs  automatically  without  administrator 
intervention.  Additional  protection  is  provided  by  enabling 
examination  of  RTF?  the  standardized  Internet  content 
transmission  format,  to  validate  its  declared  content  (audio 
and  video),  thus  preventing  a  disguised  executable  from 
entering  the  system. 

Other  strengths  include  sophisticated  near-  and  far-end 
NAT  traversal  (such  as  with  the  Ingate  product), and  Secure 
RTP  (sRTP)  encryption  and  Transport  Layer  Security  (TLS: 
encrypted  SIP  call  control)  support.  To  check  out  Ditech’s 
NAT  traversal,  we  used  Ditechs  own  method  of  querying 
the  open  call  sessions  and  problems  by  sending  and  mon¬ 
itoring  the  results  of  SIP  reinvites  to  both  sides  of  the  NAT. 
We  captured  and  examined  call  sequences  and  ITTP 
streams  to  confirm  TLS  and  sFLTP 

We  give  kudos  to  Ditech’s  installation  because  initial  con¬ 
figuration  and  establishing  settings  are  based  on  an  embed¬ 
ded  relational  database  that  retains  values  entered  and 


What  session  border  controllers  do:  Comparative  feature  checklist 

Note:  A  checkmark  (V  indicates  the  product  fully  addresses  this  feature. 


Ditech  PeerPoint  C100 

Ingate  SIParator  60 

Mera  MVTS 

NexTone  MSG  and  iVMS 

VoIP  signaling  and  call  handling 

Call  load,  bandwidth  optimization 

V 

V 

V 

Full-featured  firewall  traversal 

V 

V 

V 

Session  Initiation  Protocol  (SIP)  to 
H.323  conversion 

V 

V 

H.323  gatekeeper  services 

V 

V 

SIP  proxy  redirect,  other  services 

V 

V 

V 

V 

Real-time  Transport  Protocol/RTP 
Control  Protocol  termination  and 
regeneration 

V 

V 

V 

Transcoding  (G.711-G.729,  etc.) 

— 

V 

IP  address  resolution/management 

V 

V 

V 

Security 

Native,  integral  firewall 

V 

V 

Topology  hiding 

V 

V 

V 

V 

Authenticate  VoIP  calls  and  callers 

V 

V 

V 

V 

Open  and  close  legacy  firewall  ports 

V 

V 

V 

VoIP  network  address  translation 

V 

V 

V 

V 

Prevention  of  denial-of- service 
attacks 

V 

V 

V 

QoS,  quality  monitoring,  reporting 

Differentiated  Services/types  of 
services  QoS  handling 

V 

V 

V 

V 

Monitors  each  VoIP  call 

V 

V 

V 

V 

Per-call  quality  rating  (i.e.,  mean 
opinion  score) 

V 

V 

Issue  call  detail  records 

V 

V 

V 

Call-quality  trend  reports 

V 

: .  .... 

-rm .  *  n  Get  *°  know  your 
JAn  VoIP  network 


1. )  Know  your  VoIP  network  well  in  terms  of  equipment,  protocols, 
traffic  load.  In  addition  to  IP  phones  and  VoIP  gateways,  you'll  need 
a  firm  understanding  of  the  other  network  components  that  may 
affect  VoIP  flows  and  your  session  border  controller  (SBC) 
deployment,  including  firewalls  and  intrusion-prevention  systems, 
DHCP  and  DNS  environments,  and  possibly  some  aspects  of  your 
Layer  2  and  Layer  3  infrastructure. 

2.  Test  all  VoIP  flows  through  SBC  prior  to  going  live. 

3.  Get  your  carriers  and  IP  telephony  vendors  involved  in  the  process. 
Do  they  have  experience  working  with  the  SBC  you've  selected? 
Have  they  worked  in  combination  with  other  service  providers  and 
the  IP  PBX  vendors  you  have  chosen?  What  are  the  preferred 
settings  you  need  to  have  in  place  with  regard  to  timers,  rerouting 
messages,  security  settings  and  the  planned  SBC  settings? 

4.  Remember  your  SBC  objectives  are  improving  security  and  saving 
money.  Don’t  lose  sight  of  why  you're  deploying  an  SBC.  If,  for 
example,  VoIP  call  quality  drops  to  the  point  where  all  or  most  calls 
are  rerouted  over  the  public  switched  telephone  network,  it  may 
end  up  costing  you  more. 


propagates  the  values  to  other  screens  and  tabs  in  the  sys¬ 
tem  (to  drop-down  boxes,  for  example). This  lets  you  avoid 
the  arduous  process  of  having  to  reenter  the  same  data  mul¬ 
tiple  times,  and  helps  ensure  valid  entries  in  screens. 

The  vendor’s  adjunct  Packet  Voice  Processor,  which  was 
not  included  in  the  configuration  we  tested,  reportedly 
adds  support  for  transcoding  and  other  per-call  quality 
measurement  and  reporting,  and  quality  trend  reports  and 
intelligent  packet  repair. 

Other  noteworthy  aspects  of  the  Ditech  package  include: 
its  tight  compatibility  with  Microsoft  Live  Communications 
Server  2005;  a  special  feature  for  keeping  calls  connected 
(called  stateful  failover,  it  worked  seamlessly  in  our  testing, 
with  failover  occurring  in  less  than  a  second, resulting  in  no 
dropped  calls);  and  what  Ditech  calls  media  path  optimiza¬ 
tion,  where  the  system  decides  whether  to  proxy  media 
streams  or  allow  direct  point-to-point  RTP  communications. 

The  four  SBCs  tested  all  showed  they  could  competently 
process  and  manage  SIP-based  VoIP  calls  between  an 
enterprise  environment  and  a  simulated  service  provider, 
front-ended  by  a  prominent  third-party  carrier-oriented 
SBC.  Interoperability  between  the  carrier-side  SBC 
employed  in  the  test  bed  and  the  enterprise-based  SBCs  we 
tested  did  not  prove  to  be  a  concern. 

Emerging  with  the  top  score  from  this  test  round  was 
NexTone,  whose  package  we  believe  best  suits  a  large 
enterprise  —  due  to  its  high  price  tag,  support  for  legacy 
H.323-based  PBXs,  and  very  detailed  reporting  that  most 
benefits  an  organization  with  a  dedicated  VoIP  admin  staff. 
Ingate  placed  second,  with  a  system  that  adds  good  SIP- 
based  VoIP  security  to  an  enterprise  that  may  want  to  retain 
its  legacy  data-network  firewalls.  Closely  behind  Ingate 
were  Mera  Systems  and  Ditech,  which  tied.  Mera's  software- 
only  package  favors  enterprises  with  a  lot  of  legacy  VoIRas 
it  handles  many  forms  of  VoIP  protocol  and  RTP  stream 
conversion.  Ditech's  appliance  provides  enterprises  with 
SIP-based  VolRadded  security  call-  and  QoS-handling. 

Mier  is  founder  and  president,  Mosco  and  Tarpley  are  lab 
testers,  and  Smithers  is  CEO  at  Miercom,  a  network  con¬ 
sultancy  and  product  test  center  in  East  Windsor,  N.J.  They 
can  be  reached  at:  ed@miercom.com,  amosco 
@miercom.com,  rtarpley@miercom.com  and  rsmithers 
@miercom.com,  respectively. 
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ENT  STRATEGIES 


On  the  job  with  an  IT  architect 

Techie  discusses  the  role  and  responsibilities  his  position  with  staffing  firm  Spherion  entails. 


The  position  of  IT  architect  has 
been  growing  in  visibility  with  its  sig¬ 
nature  responsibility  of  blending 
technology  and  business  goals.  George  Drazick  has  spent 
3  1/2  years  in  that  role  at  Spherion,  a  staffing  and  recruit¬ 
ing  firm  with  $2  billion  in  annual  revenue  and  more  than 
300,000  employees  worldwide. 


Now  transitioning  into  the  role  of  direc¬ 
tor  of  technology  he  recently  talked  with 
Network  World  Senior  Editor  John  Fontana 
about  how  Spherion  defines  the  IT-archi- 
tect  role,  what  the  responsibilities  are  and 
how  important  it  is  to  marry  systems,  appli¬ 
cations  and  business  requirements. 

Can  you  define  the  role  of  IT 
architect? 

We  have  two  functions  they  fill:  one  is  a 
systems  architect,  and  one  is  an  applica¬ 
tions  arch.  When  you  bring  those  two 
together  you  really  get  your  lead  IT,  or 
enterprise,  architect  from  a  technology 
standpoint. 

In  this  role,  not  only  is  the  understanding 
of  technology  important  but  also  the  abili¬ 
ty  to  articulate  the  interrelationships  of 
business  and  technology  models. 

Give  me  a  rundown  of  your  respon¬ 
sibilities. 

No.  1  on  my  mind  all  day  is  applica¬ 
tion  and  system  performance.  Security, 
standards;  implementation  of  standards 
across  the  board  whether  they  apply  to 
systems  and  operating  systems  for  the 
application. That  is  in  terms  of  the 
KnowledgeSphere  [Spherion’s  ERP  inte¬ 
gration  of  four  applications:  financials, 
human  capital  management,  front  office 
and  services  procurement],  reporting 
applications,  as  well  as  our  latest 
deployment  of  portal  and  our  imple¬ 
mentation  strategy  Also  guidance  for 
longer-term  strategy  for  building  an 
application  technology  model  that  is 
able  to  accommodate  the  business’s 
changing  needs. 


What  is  your  experience,  your 
background? 

I  started  as  a  systems  architect.  I  was 
really  focusing  on  server  technologies  to 
enable  the  applications  that  we  were 
deploying.  As  time  went  on,  though,  and  I 
worked  for  PeopleSoft  and  Dun  &  Brad- 
street,  I  gained  more  knowledge  of  the 
applications  and  focused  first  on  deci¬ 
sion-support  systems  —  reporting,  ware¬ 
housing,  data-marting  —  applications  that 
enabled  business  intelligence. 

What  sort  of  initiatives  are  on  the 
board  for  you  now? 

One  is  an  implementation  of  a  new  busi¬ 
ness-intelligence  platform  where  enter¬ 
prise  data-marting  and  reporting  are  the 
focus.  Second  is  the  actual  upgrade,  which 
is  an  area  where  application  system  archi¬ 
tects  are  heavily  involved. These  applica¬ 
tion  upgrades  are  usually  one-year-to-18- 
month  projects  and  require  looking  at 
every  piece  of  the  architecture,  every 
piece  of  the  application,  every  piece  of 
security  that  the  system  has  run  on. 

What  are  some  of  the  challenges 
you  face  in  this  position? 

Influencing  all  parties  that  are  concerned 
with  the  environment,  all  of  those  that  have 
a  stake  in  it, so  they  see  a  unified  view. 

Where  does  this  position  fit  in 
terms  of  the  overall  IT  department’s 
organizational  chart? 

My  position  reports  directly  to  our  CIO. 

What  did  it  take  to  get  into  this 
position? 


You  come  up  through  the  ranks,  but 
there  has  to  be  some  expertise  that  you 
are  able  to  provide.  For  me,  it  was  working 
with  Dun  &  Bradstreet.  1  first  worked  in  a 
support  organization  and  then  found  my 
way  into  a  decision  support  role. 

At  some  point,  I  moved  to  the  develop¬ 
ment  organization  and  had  a  chance  not 
only  to  play  in  the  administration  of  the 
environment  but  to  actually  see  the  devel¬ 
opment  and  understand  how  a  developer 
would  go  about  building  applications. Dun 
&  Bradstreet  led  to  PeopleSoft  and  anoth¬ 
er  intensive  round  of  low-level  expertise 


and  practice,  which  led  me  to  Spherion. 

How  have  you  seen  this  role  mature 
over  the  past  four  or  five  years? 
Currently  companies  seem  to  be 
applying  the  concepts  of  this  role  to 
more  fine-tuned  areas,  such  as  net¬ 
working  and  specific  applications. 

I  have  seen  it  change  truly  from  a  techni¬ 
cal  heads-down  role  into  a  more  visible, 
more  social  role  filled  by  someone  who  is 
able  to  socialize  the  ideas,  thoughts  and 


strategies  and  has  the  people  skills  to  be 
able  to  span  the  divide  that  exists  be¬ 
tween  certain  technical  groups  or  certain 
technical  functions. 

Previously,  1  think  we  as  architects  were 
purists  in  terms  of  technology.  People  that 
would  deliver  what  they  thought  were  the 
best  solutions  and  then  leave  them  on  the 
table  for  others  to  implement. 

How  does  this  position  translate 
into  helping  Spherion  generate 
revenue? 

Increasing  overall  application  perfor¬ 


mance,  streamlining  systems  and  applica¬ 
tion  administration  and  creating  a  more 
flexible  architecture  to  allow  technology 
to  be  taken  out  of  the  business  decision¬ 
making  process,  which  enables  us  to  be 
more  nimble  as  an  organization. 

What  sort  of  pay  scale  is  associat¬ 
ed  with  this  position? 

Industrywide  across  the  board,  I’ve  seen 
the  scale  range  anywhere  from  $85,000  to 
$1 80,000.  ■ 


George  Drazick,  IT 
architect  for  Spherion, 
serves  as  a  proponent 
of  the  staffing  compa¬ 
ny's  overall  business 
strategy. 


maybe  it’s  time 
you  look  at 

AdaptiveKVM" 


When  servers  are  down  or  inaccessible,  you  need 
fast  and  reliable  out-of-band  access  and  control. 

Cyclades  AdaptiveKVM™  (patent  pending)  is  the  industry's  first 
integrated  solution  that  combines  KVM  over  IP  and  Microsoft® 
Remote  Desktop  Protocol  (RDP)  technology  in  a  single 
appliance.  By  using  KVM  over  IP  combined  with  RDP, 
AdaptiveKVM  provides  continuous  access  for  remote  server 
management. 


Next-Generation  KVM  Solution 


AlterPath™  KVM/netPlus 


Download  a  FREE  White  Paper  on  AdaptiveKVM 

www.cyclades.com/akvm 
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Current  sniffer  can't  keep  up? 


Clear  out  problems  with  Observer  1 1 .  Now  with  enterprise  strength  VoIP  analysis.  New  features  include  an  enhanced 
VoIP  Expert,  Quality  Scoring,  Call  Detail  Records,  MultiHop  Analysis,  and  64-bit  Windows  support.  It's  time  to  reset  your  analyzer. 


N "network* 

INSTRUMENTS 


Wired  to  wireless.  LAN  to  WAN.  One  network  -  complete  control. 


US  &  Canada  UK  &  Europe 

toll  free  800.526.5958  +44  (0)  1 959  569880 

www.networkinstruments.com/analyze 


enhanced  VoIP  support 


Automate  Any  Environment 

Apcon  Intellapatch™  delivers  solutions  that  reduce  costs 
for  enterprise  and  test  lab  environments 


Enterprise: 

•  Reduce  packet  analyzer 
and  monitoring  costs 

•  Centrally  control  and 
distribute  packet  analyzers 

•  Enable  100%  network  visibility 

•  Remotely  control 
physical  connectivity 
of  monitoring  device 


IntellaPatch™ 

Physical  Layer  Switches 


For  the  full  IntellaPatch  story,  click  www.apcon.com  or  call  1.800.624.6808. 


Test  Labs: 

•  Automate  networking  and 
software  test  labs 

•  Instantly  reconfigure  test  lab 
topologies 

•  Decrease  testing  time  and  cost 

•  Decrease  product  time 
to  market 


U  Apcon 

Solutions  for  Networks 


VIEW  FOUR  COMPUTERS 

ON  A  SINGLE  MONITOR  SIMULTANEOUSLY 


••  V  .  ! 


VGA  &  DVI 
USB  &  PS2 

HIGH  QUALITY  VIDEO 


H  m 


PiP  MODE 
HDTV 
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See  us  at  Interop,  Las  Vegas-  Nevada,  BOOTH  #1875 


DIGITAL  KVM  OVER  IP 
SIMPLY  THE  BEST... 


::  Ultra  Matrix™  Remote 


Access  your  computers,  servers,  and  serial 
devices  locally  or  across  your  network  around 
the  world. 
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:  UltraLink™ 


control  up  to  1,000  computers  and 
network  devices  over  IP 

State  of  the  art  security 
High  resolution 
On-screen  menu 
USB  /  PS2 
Serial  Access 


RELAX.  YOU'RE  IN  CONTROL  NOW. 


1 .  State  of  the  Art  Security 

2.  Industry  Best  Video  Resolution 

3.  Responsive,  Real  Time  Mouse  Control 

4.  24/7  Mission  Critical  Reliability 

5.  Dependable,  Powerful,  Secure,  Guaranteed 


control  up  to  1,000  servers  and  serial 
devices  over  IP 

State  of  the  art  security 
High  resolution 
On-screen  menu 
USB  /  PS2 
Serial  Access 

Single,  Dual,  Quad  models 


control  up  to  1,000  computers  and 
network  devices 
Security  system 
High  resolution 
On-screen  menu 
Multi- platform  /  Serial  Access 
2x,  4x,  8x,  16x 
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Extends  keyboard,  video,  and 
mouse  signals  up  to  33,000  feet 
Fiber  /  CATx 
DVI  /  VGA 
PS2  /  USB 
High  resolutions 
PC,  Sun,  Audio,  Serial 


Rack  Drawer  KVM,  1U  or  2U 
15",  17",  or  20"  VGA 
PS/2  or  USB 
Touchpad  or  Trackball 
Optional  Touchscreen 
W/  KVM  Switch 


Panel  Mount  LCD 
15",  17",  19",  or  20" 

VGA  /  (DVI  /  S-Video  19"  only) 
Optional  Touchscreen 
W/  Extenders 


ROSE  US 
ROSE  EUROPE 
ROSE  ASIA 
ROSE  AUSTRALIA 


281  933  7673 
+44  (0)  1264  85057 
+65  6324  2322 
+617  3388  1540 


www.rose.com 

281  933  7673  800  333  9343 

ROSE  ELECTRONICS  10707  STANCLIFF  HOUSTON,  TEXAS  77099 
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CDU  Product  Family:  Metered,  Smart  &  Switched 


©Server  Technology,  Inc.  Sentry  is  a  trademark  of  Server  Technology,  Inc. 


Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 

The  Sentry  CDU  distributes  power  for  Blade 
servers  or  up  to  42  dual-power  1U  servers 
in  one  enclosure.  Single  or  3-phase  input 
with  110VAC,  208 VAC  or  mixed  110/208VAC 
single-phase  outlet  receptacles. 

Metered  CDU 

>  Local  input  Current  Monitoring 
Smart  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power  Temperatures 
and  Humidity 

Switched  CDU 

>  Local  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power,  Temperatures 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /  Off  /  Reboot 


Server  Technology,  Inc. 
1040  Sandhill  Drive 
Reno,  NV  89521 
USA 


toll  free  +1.800.835.1515 
tel  +1.775.284.2000 
fax +1.775.284.2065 

www.servertech.com 

sales@servertech.com 
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Dealers  Wanted 


(of  Sound 
Monitoring 


Control 

Interface 


Port 


Modem 
fct  Pager  Port 


(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/Fire) 

Expandable 


Monitor  the  REST  of  your  Computer  Room! 


•  Water  on  the  Floor 

•  Temperature 

•  Power  Problems 

•  Security 

•  Smoke  and  Fire 

•  Humidity 

•  Video 

•  And  much  more 


Sends  Monitors  Embedded  Sends 

SNMP  64  Web  E-MaJI 

Messages  IP  addresses  Server 


Power 

Outage 


Internal 

UPS 


Tel:  877-373-2700 
www.ims-4000.com 


MiniGoose 

Climate  Monitor 

$199 


SENSAPHONE 
901  Tryens  Road 
Aston,  PA  19014 


Console  Ports  +  Power  Control  +  Dial-Up  Modem  =  1 U 


CD 


Web  Browser  Interface 
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CONSOLE  MANAQEMEHT  SWTTCH 


■  Web  Browser  Access  for  Easy  Setup  and  Operation 

■  Telnet,  Internal  Modem  and  Serial  Access 

■  Four  Individually  Switched  Power  Outlets 

■  Six  DB-9  Serial  Console  Ports 

■  Port  Specific  Password  Protection 

■  Dial-Back  Security  on  Modem  Port 

■  Requires  Only  One  Rack  Unit 

■  Non-Connect  Port  Buffering 

■  Data  Rate  Conversion 

■  120  VAC  Model  -  NEMA  5-15  Outlets 

■  208/240  VAC  Model  -  IEC320  Outlets 

The  CMS-6R4  Console  Management  Switch  is  the  ultimate  tool  for  economical 
Remote  Network  Management.  Six  serial  ports  to  access  you  equipment’s  console 
ports,  Four  power  outlets  to  perform  remote  reboot  or  On/Off  control  plus  an  internal  modem 
with  dial-back  features  for  secure  out-of-band  access  -  all  in  a  space  saving  1 U  package!  System 
administrators  can  access  remote  devices  from  anywhere  via  telnet,  dial-up,  local  terminal  or  KVM  switch. 


I  «r»don:  W1I  Dwo  (train,  Irvine,  CA 


c  loc .  j  Spring.  Iran*.  Ca.  92618  — 


Visit  Website  for  Complete  NetReach™  Product  Line 

(800)  854-7226  •  www.wti.com 
5  Sterling  •  Irvine  •  California  92618-2517 
(949)  586-9950  •  Fax:(949)  583-9514 


Yes,  We  are  Customer  Friendly! 

✓  Two  Year  Warranty 

✓  We  Stock  for  Same  Day  Shipment 

✓  30  Day  Return  Policy 

✓  Call  or  Email  for  an  Online  Demo 


western  telematic  incorporated 
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TAP  Into  Your  Network 


Only  a  TAP  can  provide  a  complete  copy  of  data  from  full-duplex  links  at  line  rate  for 
monitoring  devices.  Without  a  TAP,  a  monitoring  device  may  be  fed  incomplete  and 
misleading  information-creating  false  positives  and  overlooking  network  problems 
that  actually  do  exist.  Visit  www.networkTAPs.com/visibility  today. 


Copper  /iTAPs 

10/100 . $395 

10/100/1000 . .$9tf.....$795 


Copper  to  Optical 
Conversion  nTAPs 

SX  or  LX . 


.$1,495 


Optical  nTAPs 

One-Channel . .$39$"  ....$295 

Two-Channel . $79t f....$575 

Three-Channel  ....$U£$....$845 


To  learn  more  about  how  nTAPs  can  boost  your  network  visibility,  which  configuration  option 
is  best  for  you,  and  to  check  out  new  pricing  go  to  www.networkTAPs.com/visibility 
or  call  866-GET-nTAP  today.  Free  overnight  delivery* 


F@  C€ 


•Free  overnight  delivery  on  all  U.S.  orders  over  $295  confirmed  before  12  p.m.  Central  Time. 
nTAP  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  ILL 
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Berkeley  Varitronics  Systems  Metucheh,  NJ  08840 

(732)  548-3737  www.bvsystems.com 


Shown  with 
optional 
Direction 
Finder 
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802.1  Ibg  W-LAN  ANALYZER 

►  2.4  GHz  (802.11b  &  g)  SPECTRUM  ANALYSIS 

►  Locate  hackers  and  rogue  AP’s 
>-  Pinpoint  specific  interference  sources 

►  Install  &  secure  Wi-FI  networks 
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Yellowjackef® 
Hive  screen 


Vellouujacket®  Hive 
Software 

Site  Initiator/Supervisor/ 
Investigator  indoor/outdoor 
mapping  W-LAN  coverage 
solution 


Reading  someone  else's 
issue  of  Network  World? 

Subscribe 
today  and 
receive  your 
own  1-year 
subscription 
for  FREE  - 

a  $129.00 
value! 


Go  to  http://apply.nww.com/free 
for  your  free  subscription. 
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Events  and  Executive  Forums 


Network  World  Events  and  Executive 
Forums  produces  educational  events 
and  executive  forums  worldwide, 
including  our  one  day  Technology  Tours, 
customized  on-site  training,  and  executive  forums  such  as  DEMO®. 
DEMOmobile®,  and  VORTEX,  as  well  as  the  DEMOIetter  and  VORTEX 
Digest  newsletters.  For  complete  information  on  our  current  seminar 
offerings,  call  us  at  800643^1668  or  go  to  www.networkworld.com/events. 


Publicize  your  press  coverage  in 
Network  World  by  ordering  reprints  of 
your  editorial  mentions.  Reprints 
rpake  great  marketing  materials  and 
are  available  in  quantities  of  500  and 
up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399- 
.1900  x128  or  E  mail:  networkworld@reprintbuyer.com. 
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Enterprise  spin 

Desktop  search  tools  typically  reside  on  end  users’  desktops 
and  use  local  processing  power  to  locate  items  within 
e-mail  and  data  stores.  Free  versions  get  the  job  done,  but 
enterprise-class  applications  add  management  and  security 
features  including: 

•  Product  support  services.  _ 

•  Hooks  to  directory  servers  so  IT  can  use  existing  user  and  group  permissions 

to  restrict  search  result  sets. _ _ 

•  Option  to  deploy  query-only  capabilities  to  desktops  and  maintain  centralized 

control  over  content  indexing. _ 

•  Control  over  taxonomy  and  categorization  parameters. _ 

•  Encryption  of  user  data  and  search  index  files. _ 

•  Greater  support  for  file  formats  and  search  methods. _ 

•  Management  features  tailored  for  enterprise  licensing,  installation. 


Search 

continued  from  page  1 

search  domain,  but  many  don’t 
know  when  to  do  so.  The  thought 
of  having  an  index  of  company 
information  under  the  control  of 
a  third  party  is  cause  for  alarm 
among  some  IT  executives. 

“Customer  data  is  scattered  all 
over  the  IT  landscape,”  says 
Albert  Porco,  CIO  at  Kings 
County  Medical  Center.  “My 
biggest  concern  is  that  with 
access  from  anywhere  at  any¬ 
time,  end  users  can  load  these 
tools  on  their  home  computers 


and  not  only  expose  their  per¬ 
sonal  data  but  also  expose  cor¬ 
porate  data.” 

That’s  one  reason  the  Brooklyn, 
N.Y.,  medical  facility  locks  down 
its  desktops.  “Desktop  support  is 
hard  enough,  but  when  users 
add  untested  software  to  the 
mix,  support  becomes  impossi¬ 
ble,”  Pbrco  says. 

Averting  desktop  disaster 

Desktop  search  technology  has 
been  around  for  many  years  and 
available  from  vendors  such  as 
dtSearch,  ISYS  and  ZyLab.  But  it 
wasn’t  until  fall  2004  when 
Google  got  into  the  market,  that 
things  took  off. 

“It  was  a  sleepy  backwater. 
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There  were  four  or  six  vendors, 
none  of  which  had  seen  a  sub¬ 
stantial  amount  of  business,”  says 
Whit  Andrews,  a  research  vice 
president  at  Gartner.  “Then  sud¬ 
denly  Google  released,  and 
Yahoo  had  to  respond,  then 
Microsoft  responded.  Google 
released  Google  Desktop  beta, 
and  it  was  explosive.” 

Users  familiar  with  these  ven¬ 
dors’  public  Web  search  sites  — 
and  in  many  cases  dissatisfied 
with  the  search  features  built 
into  Microsoft  Outlook,  for 
example  —  installed  these  pro¬ 
grams  on  their  own  to  help 


tame  their  desktop  contents. 

But  it’s  the  IT  department  that 
has  to  worry  when  free  desktop 
search  tools  expose  the  contents 
of  a  forgotten  file  server,  conflict 
with  a  homegrown  application  or 
render  a  PC  unusable. 

“We  have  to  spend  our  time  re¬ 
moving  the  applications  from 
end  user  desktops,  changing 
configuration  settings  back  to 
default,  and  possibly  repairing 
damage  to  the  operating  system 
caused  by  malfunctioning  soft¬ 
ware  that  isn’t  tested  properly 
and  approved  by  us,”  says  Craig 
Bush,  network  administrator 
at  orthopedic  and  medical 
device  provider  Exactech  in 
Gainesville,  Fla. 
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As  users  increasingly  deploy 
free  consumer-oriented  search 
tools,  the  management  problem 
escalates. 

“This  issue  is  becoming  a  chal¬ 
lenge  because  we  don’t  have  a 
policy  in  place,  so  it  is  now  open 
season,”  says  Priscilla  Milam,  asso¬ 
ciate  vice  chancellor  for  IT  opera¬ 
tions  at  North  Harris  Montgomery 
Community  College  District.  “It 
makes  our  network  vulnerable 
and  creates  security  issues  across 
the  district.” 

Milam’s  priority  in  her  new  role 
at  the  Woodlands,  Texas,  campus 
is  to  create  and  implement  a  stan¬ 
dardized  desktop  policy  that  she 
says  she  hopes  to  have  in  place  in 
the  fall.  Milam  plans  to  select  a 
desktop  search  product  that  can 
be  tied  into  the  district’s  Active 
Directory  and  forthcoming  identi¬ 
ty-management  infrastructure.  But 
ironing  out  desktop  policies  has 
to  come  before  the  product  selec¬ 
tion  process. 

“We  are  currently  doing  a  secu¬ 
rity  awareness  public  relations 
campaign  that  gets  the  word  out 
to  our  users  about  the  risks  in¬ 
volved  with  these  search  tools 
and  other  practices,”  Milam  says. 
The  campaign  has  been  well  re¬ 
ceived  —  many  employees  have 
voluntarily  chosen  to  remove 
some  desktop  tools  until  they 
have  further  guidance  from  IT, 
she  says. 

Amerigas  doesn’t  have  a  prob¬ 
lem  with  users  downloading 
the  free  tools  because  its  desk¬ 
tops  are  locked  down.  But  users 
want  them,  so  the  company  is 
on  the  lookout  for  a  desktop 
search  product  that  can  be 
used  with  SharePoint  and 
Active  Directory,  says  Martin 
Gibbins,  client  technology  man¬ 
ager  at  the  Valley  Forge,  Pa., 
company.  “Searching  for  infor¬ 
mation  is  important,”  he  says. 

Take  a  stance 

Companies  that  don’t  address 
the  topic  of  desktop  search  are 
making  a  mistake,  Andrews 
says.  Left  unchecked,  more  and 
more  users  will  download  what¬ 
ever  search  product  they  like 
best.  IT  will  wind  up  with  a 
hodgepodge  of  free  products, 
none  of  which  include  vendor 
support.  “This  is  not  conducive 
to  success  for  an  enterprise,” 
Andrews  says. 

Instead,  companies  should 
choose  one  desktop  search  prod¬ 
uct,  arrange  for  an  enterprise 
license  and  support  it. When  com¬ 


panies  license  an  enterprise  ver¬ 
sion  of  a  desktop  product,  they 
can  arrange  for  support  services 
from  the  vendor. 

There  also  are  security  incen¬ 
tives:  Enterprise  versions  typically 
include  tie-ins  to  directory  prod¬ 
ucts  so  the  IT  department  can 
use  existing  user  and  group  per¬ 
missions  to  restrict  search  result 
sets,  for  example.  IT  also  can  opt 
to  give  users  query  capability  but 
retain  control  over  what  gets  in¬ 
dexed  and  how  the  index  is 
updated. 

“That  puts  you  in  a  position  with 
all  kinds  of  flexibility  you  didn’t 
have  before,”  Andrews  says.  “You 
can  manage  the  indexing,  the 
security  and  the  integration  —  or 
lack  thereof  —  to  enterprise 
search  platforms.  And  you  can 
make  sure  it’s  meeting  your  regu¬ 
latory  needs.” 

Making  a  selection  isn’t  easy  but 
there  are  plenty  of  options  to  con¬ 
sider.  Google  offers  an  enterprise 
version  of  its  desktop  search,  as 
do  MSN  and  Yahoo.  Google  also 
offers  premium  support  services, 
which  cost  $20,000  for  two  years 
and  unlimited  users. 

Yahoo’s  desktop  search  prod¬ 
uct  is  based  on  technology 
from  XI  Technologies,  which 
offers  its  desktop  search  prod¬ 
ucts  directly  to  users.  XI  has  a 
client  version  of  its  desktop 
search  software,  as  well  as  a 
server  edition  for  companies 
that  want  to  have  enterprise 
management  capabilities.  For 
example,  the  XI  Enterprise 
Server  provides  a  central  index¬ 
ing  engine  for  network-based 
content  sources  and  uses 
Windows  Authentication  for 
security  integration. 


In  addition,  vendors  with  tools 
for  searching  content  on  Web 
sites  and  intranets  are  paying 
more  attention  to  the  desktop 
search  market.  Fast  Search  & 
Transfer  and  Autonomy  have 
built  desktop  search  products, 
and  Endeca  and  IBM  have 
added  desktop  search  capabili¬ 
ties  to  their  suites  via  partner¬ 
ships,  Andrews  says. 

Key  to  making  a  decision 
about  which  platform  to  choose 
is  to  test  it,  observers  say.  There 
are  too  many  unknowns  in  desk¬ 
top  environments  to  skip  a  pilot, 
Andrews  says. 

One  Gartner  client  tried  a 
desktop  search  application  and 
found  it  conflicted  with  one  of 
its  homegrown  applications. 
“Something  went  wrong  some¬ 
where,”  Andrews  says.  “They 
liked  it  better  than  the  one  they 
had  to  pick,  but  they  could  not 
make  it  work.” 

Another  client  found  a  desk¬ 
top  search  application  caused 
performance  problems  on  some 
PCs  and  caused  others  to  have 
to  be  reimaged,  he  says. 

Some  of  these  problems  are 
caused  by  some,  products’  con¬ 
sumer  roots.“lf  something  is  built 
for  consumers,  there’s  more  em¬ 
phasis  on  turning  it  around 
quickly  to  grab  market  share, 
grab  visibility  and  meet  the  vast 
majority  of  needs,  not  the  en¬ 
tirety  of  needs.  There’s  less  atten¬ 
tion  paid  to  some  critical  fac¬ 
tors,”  Andrews  says.  ■ 

SECURITY 
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“My  biggest  concern  is  . . .  end  users 
can  load  these  tools  and  not  only 
expose  their  personal  data  but  also 
expose  corporate  data.” 

Albert  Fbrco,  CIO,  Kings  County  Medical  Center 
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BACKSPIN 


Mark  Gibbs 


I  ver  get  complaints 
about  high  tech  from 
I  your  workmates, 
friends  and  family? 

Happens  all  the  time, 

doesn’t  it?  Your  boss  gets  a  new  cell  phone,  and  it  does¬ 
n’t  work  the  same  way  as  her  last  one,  and  you  wind  up 
being  the  bad  guy,  because  you  can’t  explain  it  to  her, 
and  she’s  not  really  interested  in  the  first  place. 

Or  a  new  version  of  one  of  your  company’s  productivity 
applications  is  installed,  and  despite  having  sent  around 
memos  warning  everyone  and  providing  user  guides 
and  offering  training,  the  first  day  it  is  available  any  and 
every  problem  seen  by  the  users  is  a  disaster  on  par 
with  humanity  being  wiped  out  by  a  meteor,  and  it  is  all 
your  fault. 

Despite  megayears  of  complaints  by  consumers  of  all 
levels  of  ability,  in  many  major  high-tech  companies  engi¬ 
neers  still  get  to  build  products  without  parental  over¬ 
sight.  Motorola  is  an  example.  Have  you  ever  looked  at  the 
Razr?  Nice  design  on  the  outside  but  the  user  interface  is 
horrible  and  dust  accumulates  between  the  LCD  screen 
and  its  cover.  Pathetic! 

The  result  of  engineers  having  their  evil  way  with  prod¬ 
ucts  is  almost  always  that  hardware  or  software  will  work 


Why  high  tech  is  at  fault 
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provided  you  use  it  exactly  as  they  say  or  you  are  an  en¬ 
gineer.  Otherwise, you’ll  need  an  aspirin  and  lots  of  luck  or 
a  consultant.  Or  all  three. 

Next,  manuals.  Manuals  are  not  good  for  anything 
other  than  padding  the  equipment  in  transit  (again, 
the  Razr  manual  is  a  good  example).  It  seems  that  the 
idea  of  writing  manuals  in,  say,  Urdu,  having  them 
translated  into  Latvian  by  Japanese  schoolchildren 
and  then  back  into  English  by  machine  translation 
makes  more  sense  than  writing  them  in  English.  Why 
is  it  that  product  managers  seem  to  never  pay  any 
attention  to  manuals?  It  is  like  they  can’t  see  them, 
and  anytime  you  bring  up  the  topic  they  act  like  you 
are  speaking  in  tongues. 

Those  are  bad  enough,  but  worse  are  yet  to  come.  How 
about  the  way  high-tech  companies  keep  changing  user 
interfaces?  I  suspect  that  user  interface  design  is  a  contact 
sport  as  far  as  marketing  is  concerned.  For  example,  ever 
notice  how  many  programs  have  the  same  features  from 
one  release  to  the  next  but  often  in  totally  different 
places?  And  the  shortcut  keys  change  so  that  whatever 
was  “copy”  becomes  “delete  all,”  and  whatever  was  “undo” 
becomes  “quit  without  warning  and  shut  down  the  PC 
after  erasing  the  hard  drive.” 

What  about  hardware  design?  Why  is  it  always  working 


against  you  rather  than  for  you?  For  example,  why  are 
plugs  and  sockets  on  equipment  always  squashed  to¬ 
gether  so  that  you  need  fingers  the  size  of  a  5-year-old  to 
get  at  them,  and  why  are  they  labeled  so  that  their  func¬ 
tions  can  be  discerned  only  in  full  sunlight  if  you  have 
perfect  vision  and  a  magnifying  glass? 

And  the  biggie:  support.The  average  user  support  group 
is  a  disaster.  It  is  like  trying  to  get  blood  from  a  stone. They 
are  frequently  more  bureaucratic  than  the  IRS  and  have 
the  customer-care  skills  of  Attila  the  Hun. They  live  in  a 
netherworld  of  too  little  time  and  too  many  problems 
from  too  many  people  while  not  being  paid  enough.  And 
their  management  never  actually  talks  to  them.  Is  it  any 
wonder  they  take  it  out  on  you? 

So  what  I’m  trying  to  tell  you  is  that  it  isn’t  your  fault. You 
are  in  the  clear. You  do  your  bit  to  bring  light  and  reason 
into  the  world,  and  you  are  simply  being  thwarted  by 
forces  far  greater  than  yourself.  So  take  heart . . .  even 
though  it  is  going  to  get  worse  before  it  gets  better,  at  least 
you  are  assured  of  employment,  because,  while  everyone 
will  blame  you  as  always, you  will  still  be  the  only  guy 
who  can  make  this  stuff  work  for  them. 

Your  faults  to  Gibbsblog  or  send  ’em  over  to 
backspin  @gibbs.  com. 


NETBUZZ  News,  insights  and  oddities 

When  ‘must-see  TV’  hits  your  network 


Paul  McNamara 


What  do  you  say  we  plop  aTV  set  on  the  desk  of  every 
employee  in  your  organization. 

Sounds  nuts,  you  say?  . . .  Already  done,  isn't  it? 

Aren’t  PCs  with  a  broadband  connection  becoming 
more  indistinguishable  from  aTV  with  each  passing  day?  Much  of  college  basketball’s 
March  Madness  tournament  was  available  —  live  —  thanks  to  the  good  folks  at  CBS, 
who  were  so  cognizant  of  what  that  would  mean  for  network  managers  that  they 
offered  advice  for  blocking  the  broadcasts.  ABC  just  made  a  splash  by  announcing  it 
will  offer  free  online  access  to  prime-time  programs  such  as  “Desperate  Housewives” 
and  "Lost”  the  day  after  they  air. . . .  Can  the  soaps  be  far  behind? 

Here's  a  pitch  I  saw  from  one  Web  site:  "Take  A  QuickTV  Break!  Are  you  feeling  that 
the  day  is  getting  too  long  and  you’re  falling  asleep  at  your  desk?  Sneak  in  a  quick 
energizer.  Let  us  show  you  how  to  use  your  PC  to  catch  a  comedy  just  to  brighten  your 
day,  update  yourself  with  a  quick  news  clip,  or  watch  your  favorite  artist's  music  video!” 

Knowing  those  exclamation  points  would  register  as  darts  for  network  professionals, 

I  turned  last  week  to  the  members  of  my  blog’s  e-mail  list  —  the  Buzzblog  Brigade  — 
for  their  views  on  this  PC-to-T  V  evolution.  What  follows  is  some  of  their  venting: 

"We're  going  to  see  a  lot  more  places  clamping  down.  For  starters,  bandwidth  has 
limits,  and  if  a  large  portion  of  a  workplace's  population  is  watching  ‘Lost,’  that  isn’t 
going  to  be  good  for  network  performance,"  writes  John  Gog,  network  system  admin¬ 
istrator  for  the  city  of  Birmingham,  Ala.  "But  my  bigger  issue  is  the  _ 

waste  of  time.  I  get  very  tired  of  hearing  how  people  are  working  soooo 
many  hours,  when  those  same  people  (in  many  cases)  are  spending 
hours  each  week  doing  personal  surfing.  Having  survived  the  NCAA 
tournament,  which  had  users  watching  games  and  spending  time  fid¬ 
dling  with  their  brackets,  the  thought  of  them  now  watching  primetime 
programming  during  work  hours  is  sickening.” 

And  let's  not  forget  the  audiophiles. 

“We  have  already  found  ourselves  having  to  block  radio  station  Web 
sites,”  writes  Bill  Dotson,  IT  manager  for  Crown  Packaging  in 
Chesterfield,  Mo.  "Users  don't  realize  (or  even  consider)  the  amount  of 
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bandwidth  it  takes  to  listen  to  streaming  audio.  I’m  sure  they’ll  give  equal  consideration 
to  bandwidth  when  watching  television  over  the  'Net.  And  since  many  of  those  ‘tele¬ 
vised’  programs  come  from  sites  that  are  not  blocked  by  ourWeb  filters,  I’m  sure  we’ll 
struggle  to  prevent  users  from  bringing  our  network  to  its  knees  while  they  watch 
‘Desperate  Housewives’  at  their  desk.” 

“I  fully  expect  at  some  point  someone  will  download  an  entire  episode  of  someTV 
show  and  then  e-mail  it  to  one  of  their  friends,  further  bogging  down  our  network. 
Maybe  educating  users  about  bandwidth-intensive  activities  is  the  way  to  go.Then 
again,  maybe  I  can  teach  a  turtle  to  tango.” 

Some  workplaces  are  already  in  just-say-no  mode. 

"My  company  has  already  clamped  down.  No  March  Madness.  No  Internet  radio," 
writes  Howard  Stewart,  RIS/PACS  administrator  at  Southern  Ohio  Medical  Center  in 
Portsmouth.  "They  don’t  mind  us  wasting  a  little  time  on  low-bandwidth  activities,  but 
until  we  see  some  major  upgrades  to  the  network  infrastructure  we  won’t  be  getting 
any  WebTV.” 

And  at  least  one  reader  sees  hope  on  the  horizon. 

"Sure,  every  PC  is  now  aTV/storm  drain  for  bandwidth.  But  with  the  proliferation  of 
attack-mitigation  devices  and  Internet-filtering  appliances,  our  job  is  getting  a  little 
easier  —  at  least  on  the  technical  side,”  writes  Glenn  Freel,  a  systems  administrator. 

“We  are  currently  filtering  Web  use  through  a  URL-based  appliance.  We’re  also  em- 
________  ploying  a  device  that  gives  very  customizable  and  automated  reports 

based  on  top  destination  ports,  source  or  destination  IP  addresses, 
machine  names,  users  ranked  by  traffic,  or  any  activity  on  ports  known 
to  be  [peer  to  peer]  or  other  problem  areas. 

"I  try  to  keep  on  top  of  things,  such  as  knowing  beforehand  that  CBS 
was  going  with  the  March  Madness  deliveries.  But  with  the  proper  pre¬ 
cautions  in  place,  most  of  my  worry  was  whether  I  could  resist  the 
temptation  myself.” 


Want  to  join  the  Buzzblog  Brigade?  Just  let  me  know  at 
buzz@nww.com. 
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NetVanta  7100 — Everything  a  small  office 
needs  for  voice,  data  and  Internet 


ADTRAN  offers  a  broad 
range  of  IP  phones  to 
meet  your  business 
communication  needs 


NetVanta  7100 
Integrated  IP  PBX,  Voicemail, 
Auto  Attendant,  Router,  24-port 
PoE  Switch,  VPN,  Firewall 


J  NetVanta  7100: 

A  phone  system  and 
data  network, 

all  in  a  single  device 


The  ADTRAN  NetVanta®  7100  is  the  newest  addition  to  our  field- 
proven  suite  of  NetVanta  switches,  routers  and  VPN/Firewall  solutions. 

This  new  IP  PBX  with  integrated  switch-router— an  Office  in  a  Box— 
provides  a  complete  solution  for  growing  small  and  medium 
■  businesses.  Your  office  communications  can  be  up  and  running 
quickly  and  smoothly  with  this  converged  IP  platform. 


Copyright®  2006  ADTRAN  Inc  All  rights  reserved  ADTRAN  and  NetVanta  are  registered 
trademarks  ol  ADTRAN.  Inc  Five  year  warranty  applies  in  North  America  and  Europe. 
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Imagine  a  comprehensive  telephony  and  data  networking 
solution  that  consolidates  voice,  data,  Internet  and  security- 
all  in  a  single  device. 
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High  costs  for  communications  are  now  a  thing  of  the  past. 

With  ADTRAN,  you  can  easily  lower  your  total  cost  of  ownership.  Every 
NetVanta  includes  ADTRAN’s  100%  satisfaction  guarantee,  backed 
by  industry-leading  technical  support  (before  and  after  the  sale),  '  •  .  XX 

free  firmware  upgrades,  and  a  full  5-year  warranty. 

’ 


www.adtran.  com/ipt 


1.800  9 ADTRAN 

(923-8726) 
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The  Network  Access  Company 
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INTRODUCING  BUILT  IN  BroadbandConnect 


the  only  built  in  wireless  connection 
that  works  in  more  places  than  you  do. 


Get  a  Dell  ™  Latitude  notebook  equipped  with  Cingular's 
supercharged  wireless  network. 


D&LL 


Available  on  the  Dell  Latitude  D620  and  D820. 
Nothing  to  install.  Just  activate  and  go. 


Access  your  business-critical  information 
in  13,000  cities  and  towns  and  in  100  countries 
around  the  world. 


More  secure  than  Wi-Fi  with  a  wider 
coverage  area  -  no  hotspots  required. 


Runs  on  Cingular's  BroadbandConnect  and  EDGE, 
the  largest  national  high-speed  wireless  data  network. 


Broadband  speeds  on  the  3G  global  standard 
everywhere  BroadbandConnect  is  available. 


CINGULAR  MAKES  BUSINESS  RUN  BETTER 


Click  www.cingular.com/dell 


X  cinqular 

raising  the  barr.iill 


Coverage  not  available  in  all  areas.  Cingular  covers  273  million  people.  Wireless  service  not  included  with  notebook.  Other  conditions  and  restrictions  apply. 
The  Dell  logo  is  a  trademark  of  Dell  Computer  Corporation.  ©2006  Cingular  Wireless.  All  rights  reserved. 


